CVE-2003-0901

{"id": "CVE-2003-0901", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2003-11-03T05:00:00.000", "references": [{"url": "http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/ascii.c", "source": "cve@mitre.org"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000784", "source": "cve@mitre.org"}, {"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000772", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2003/dsa-397", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-313.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-314.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/8741", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/ascii.c", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000784", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000772", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2003/dsa-397", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-313.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-314.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/8741", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95E0614E-0911-43EE-9F3D-2CF87E0F1851"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFF09CFB-F7CE-4659-BB20-83231539F765"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFE8C2A3-7575-41C6-896C-C367E6D35015"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88ED8E8C-9044-4E77-923A-D5C6C02A1081"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037FF208-82A1-4448-88FE-FACB922FE1E0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4064A96D-84D5-4257-9981-1139CD4CD08C"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C98290E4-2919-4492-BD14-BB24BA85C729"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B56E9F72-6CBF-4784-89CD-435A030AC0B0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DEF0FE5-EFCF-448E-B6BD-95FDDD4E17FD"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}