What is the severity of CVE-2010-4015?

CVE-2010-4015 is rated as a high severity vulnerability that can lead to denial of service and potential remote code execution.

How do I fix CVE-2010-4015?

To fix CVE-2010-4015, you should upgrade PostgreSQL to version 9.0.3 or later, 8.4.7 or later, 8.3.14 or later, or 8.2.20 or later.

Which versions are affected by CVE-2010-4015?

CVE-2010-4015 affects PostgreSQL versions 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20.

Who can exploit CVE-2010-4015?

CVE-2010-4015 can be exploited by remote authenticated users to cause a denial of service.

What is the impact of CVE-2010-4015?

The impact of CVE-2010-4015 includes crashing the database and potentially executing arbitrary code.

Vulnerability/
CVE-2010-4015

medium

6.5

CWE

189 119

2/2/2011

7/8/2024

CVE-2010-4015: Buffer Overflow

First published: Wed Feb 02 2011(Updated: )

Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
PostgreSQL JDBC Driver	=8.3
PostgreSQL JDBC Driver	=8.3.1
PostgreSQL JDBC Driver	=8.3.2
PostgreSQL JDBC Driver	=8.3.3
PostgreSQL JDBC Driver	=8.3.4
PostgreSQL JDBC Driver	=8.3.5
PostgreSQL JDBC Driver	=8.3.6
PostgreSQL JDBC Driver	=8.3.7
PostgreSQL JDBC Driver	=8.3.8
PostgreSQL JDBC Driver	=8.3.9
PostgreSQL JDBC Driver	=8.3.10
PostgreSQL JDBC Driver	=8.3.11
PostgreSQL JDBC Driver	=8.3.12
PostgreSQL JDBC Driver	=8.3.13
PostgreSQL JDBC Driver	=9.0
PostgreSQL JDBC Driver	=9.0.1
PostgreSQL JDBC Driver	=9.0.2
PostgreSQL JDBC Driver	=8.4
PostgreSQL JDBC Driver	=8.4.1
PostgreSQL JDBC Driver	=8.4.2
PostgreSQL JDBC Driver	=8.4.3
PostgreSQL JDBC Driver	=8.4.4
PostgreSQL JDBC Driver	=8.4.5
PostgreSQL JDBC Driver	=8.4.6
PostgreSQL JDBC Driver	=8.2
PostgreSQL JDBC Driver	=8.2.1
PostgreSQL JDBC Driver	=8.2.2
PostgreSQL JDBC Driver	=8.2.3
PostgreSQL JDBC Driver	=8.2.4
PostgreSQL JDBC Driver	=8.2.5
PostgreSQL JDBC Driver	=8.2.6
PostgreSQL JDBC Driver	=8.2.7
PostgreSQL JDBC Driver	=8.2.8
PostgreSQL JDBC Driver	=8.2.9
PostgreSQL JDBC Driver	=8.2.10
PostgreSQL JDBC Driver	=8.2.11
PostgreSQL JDBC Driver	=8.2.12
PostgreSQL JDBC Driver	=8.2.13
PostgreSQL JDBC Driver	=8.2.14
PostgreSQL JDBC Driver	=8.2.15
PostgreSQL JDBC Driver	=8.2.16
PostgreSQL JDBC Driver	=8.2.17
PostgreSQL JDBC Driver	=8.2.18
PostgreSQL JDBC Driver	=8.2.19

Remedy

http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=7ccb6dc2d3e266a551827bb99179708580f72431

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-4015?
CVE-2010-4015 is rated as a high severity vulnerability that can lead to denial of service and potential remote code execution.
How do I fix CVE-2010-4015?
To fix CVE-2010-4015, you should upgrade PostgreSQL to version 9.0.3 or later, 8.4.7 or later, 8.3.14 or later, or 8.2.20 or later.
Which versions are affected by CVE-2010-4015?
CVE-2010-4015 affects PostgreSQL versions 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20.
Who can exploit CVE-2010-4015?
CVE-2010-4015 can be exploited by remote authenticated users to cause a denial of service.
What is the impact of CVE-2010-4015?
The impact of CVE-2010-4015 includes crashing the database and potentially executing arbitrary code.

agent/author
agent/references
agent/type
agent/remedy
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-historical
vendor/postgresql
canonical/postgresql jdbc driver
version/postgresql jdbc driver/8.3
version/postgresql jdbc driver/8.3.1
version/postgresql jdbc driver/8.3.2
version/postgresql jdbc driver/8.3.3
version/postgresql jdbc driver/8.3.4
version/postgresql jdbc driver/8.3.5
version/postgresql jdbc driver/8.3.6
version/postgresql jdbc driver/8.3.7
version/postgresql jdbc driver/8.3.8
version/postgresql jdbc driver/8.3.9
version/postgresql jdbc driver/8.3.10
version/postgresql jdbc driver/8.3.11
version/postgresql jdbc driver/8.3.12
version/postgresql jdbc driver/8.3.13
version/postgresql jdbc driver/9.0
version/postgresql jdbc driver/9.0.1
version/postgresql jdbc driver/9.0.2
version/postgresql jdbc driver/8.4
version/postgresql jdbc driver/8.4.1
version/postgresql jdbc driver/8.4.2
version/postgresql jdbc driver/8.4.3
version/postgresql jdbc driver/8.4.4
version/postgresql jdbc driver/8.4.5
version/postgresql jdbc driver/8.4.6
version/postgresql jdbc driver/8.2
version/postgresql jdbc driver/8.2.1
version/postgresql jdbc driver/8.2.2
version/postgresql jdbc driver/8.2.3
version/postgresql jdbc driver/8.2.4
version/postgresql jdbc driver/8.2.5
version/postgresql jdbc driver/8.2.6
version/postgresql jdbc driver/8.2.7
version/postgresql jdbc driver/8.2.8
version/postgresql jdbc driver/8.2.9
version/postgresql jdbc driver/8.2.10
version/postgresql jdbc driver/8.2.11
version/postgresql jdbc driver/8.2.12
version/postgresql jdbc driver/8.2.13
version/postgresql jdbc driver/8.2.14
version/postgresql jdbc driver/8.2.15
version/postgresql jdbc driver/8.2.16
version/postgresql jdbc driver/8.2.17
version/postgresql jdbc driver/8.2.18
version/postgresql jdbc driver/8.2.19