Home > Vulnerability Database > CVE-2007-6067

Mend.io Vulnerability Database

CVE-2007-6067

Date: January 9, 2008

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

Severity Score

6.5

Related Resources (44)

Url: https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

Url: http://www.vupen.com/english/advisories/2008/1071/references

Url: https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html

Url: http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894

Url: http://www.debian.org/security/2008/dsa-1460

Url: https://access.redhat.com/security/cve/CVE-2007-6067

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154

Url: http://www.vupen.com/english/advisories/2008/0061

Url: http://security.gentoo.org/glsa/glsa-200801-15.xml

Url: http://secunia.com/advisories/29638

Url: http://securitytracker.com/id?1019157

Url: http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894

Url: http://www.debian.org/security/2008/dsa-1463

Url: http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-6067

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235

Url: http://www.redhat.com/support/errata/RHSA-2008-0040.html

Url: http://secunia.com/advisories/28464

Url: http://www.securityfocus.com/bid/27163

Url: http://rhn.redhat.com/errata/RHSA-2013-0122.html

Url: http://www.redhat.com/support/errata/RHSA-2008-0038.html

Url: http://www.securityfocus.com/archive/1/486407/100/0/threaded

Url: http://www.vupen.com/english/advisories/2008/0109

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/39498

Url: http://www.postgresql.org/about/news.905

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:004

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

Url: http://www.securityfocus.com/archive/1/485864/100/0/threaded

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1

Url: https://usn.ubuntu.com/568-1/

Url: https://issues.rpath.com/browse/RPL-1768

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-6067

Url: http://secunia.com/advisories/28479

Url: http://secunia.com/advisories/28359

Url: http://secunia.com/advisories/28679

Url: http://secunia.com/advisories/28437

Url: http://secunia.com/advisories/28438

Url: http://secunia.com/advisories/28376

Url: http://secunia.com/advisories/28454

Url: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Url: http://secunia.com/advisories/28455

Url: http://secunia.com/advisories/28477

Url: http://secunia.com/advisories/28698

Url: https://www.mend.io/vulnerability-database/CVE-2007-6067

Severity Score

6.5

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-6067

Date: January 9, 2008

Severity Score

Related Resources (44)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?