Search for vulnerabilities
Vulnerability details: VCID-vcf6-7r1n-aaaj
Vulnerability ID VCID-vcf6-7r1n-aaaj
Aliases CVE-2016-0773
Summary CVE-2016-0773 postgresql: case insensitive range handling integer overflow leading to buffer overflow
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-190 Integer Overflow or Wraparound
CWE-122 Heap-based Buffer Overflow
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0773.html
rhas Important https://access.redhat.com/errata/RHSA-2016:0346
rhas Important https://access.redhat.com/errata/RHSA-2016:0347
rhas Important https://access.redhat.com/errata/RHSA-2016:0348
rhas Important https://access.redhat.com/errata/RHSA-2016:0349
rhas Important https://access.redhat.com/errata/RHSA-2016:1060
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0336 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.0451 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.05172 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.20548 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.20548 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.20548 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.20548 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
epss 0.21119 https://api.first.org/data/v1/epss?cve=CVE-2016-0773
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1303832
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5288
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0766
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0773
cvssv2 6.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2016-0773
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2016-0773
generic_textual Medium https://ubuntu.com/security/notices/USN-2894-1
cvssv3 6.5 https://www.postgresql.org/support/security/CVE-2016-0773/
generic_textual Low http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
generic_textual Medium http://www.postgresql.org/about/news/1644/
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0773.html
http://rhn.redhat.com/errata/RHSA-2016-1060.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0773.json
https://api.first.org/data/v1/epss?cve=CVE-2016-0773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5288
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0773
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://kc.mcafee.com/corporate/index?page=content&id=SB10152
https://puppet.com/security/cve/CVE-2016-0773
https://security.gentoo.org/glsa/201701-33
https://ubuntu.com/security/notices/USN-2894-1
https://www.postgresql.org/about/news/2016-02-11-security-update-release-1644/
https://www.postgresql.org/support/security/CVE-2016-0773/
http://www.debian.org/security/2016/dsa-3475
http://www.debian.org/security/2016/dsa-3476
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.postgresql.org/about/news/1644/
http://www.postgresql.org/docs/current/static/release-9-1-20.html
http://www.postgresql.org/docs/current/static/release-9-2-15.html
http://www.postgresql.org/docs/current/static/release-9-3-11.html
http://www.postgresql.org/docs/current/static/release-9-4-6.html
http://www.postgresql.org/docs/current/static/release-9-5-1.html
http://www.securityfocus.com/bid/83184
http://www.securitytracker.com/id/1035005
http://www.ubuntu.com/usn/USN-2894-1
1303832 https://bugzilla.redhat.com/show_bug.cgi?id=1303832
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.11:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.12:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.13:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.14:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVE-2016-0773 https://nvd.nist.gov/vuln/detail/CVE-2016-0773
RHSA-2016:0346 https://access.redhat.com/errata/RHSA-2016:0346
RHSA-2016:0347 https://access.redhat.com/errata/RHSA-2016:0347
RHSA-2016:0348 https://access.redhat.com/errata/RHSA-2016:0348
RHSA-2016:0349 https://access.redhat.com/errata/RHSA-2016:0349
RHSA-2016:1060 https://access.redhat.com/errata/RHSA-2016:1060
USN-2894-1 https://usn.ubuntu.com/2894-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0773
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0773
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.86212
EPSS Score 0.0336
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.