Search for vulnerabilities
Vulnerability details: VCID-zxng-yspq-aaak
Vulnerability ID VCID-zxng-yspq-aaak
Aliases CVE-2005-0247
Summary Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2005:138
rhas Important https://access.redhat.com/errata/RHSA-2005:141
rhas Important https://access.redhat.com/errata/RHSA-2005:150
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.0185 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.06488 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.57055 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.57055 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.57055 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.57055 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
epss 0.69396 https://api.first.org/data/v1/epss?cve=CVE-2005-0247
rhbs unspecified https://bugzilla.redhat.com/show_bug.cgi?id=1617508
cvssv2 6.5 https://nvd.nist.gov/vuln/detail/CVE-2005-0247
Reference id Reference type URL
http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php
http://marc.info/?l=bugtraq&m=110806034116082&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0247.json
https://api.first.org/data/v1/epss?cve=CVE-2005-0247
https://exchange.xforce.ibmcloud.com/vulnerabilities/19375
https://exchange.xforce.ibmcloud.com/vulnerabilities/19376
https://exchange.xforce.ibmcloud.com/vulnerabilities/19377
https://exchange.xforce.ibmcloud.com/vulnerabilities/19378
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9345
https://www.postgresql.org/support/security/CVE-2005-0247/
http://www.debian.org/security/2005/dsa-683
http://www.gentoo.org/security/en/glsa/glsa-200502-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:040
http://www.novell.com/linux/security/advisories/2005_27_postgresql.html
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
http://www.redhat.com/support/errata/RHSA-2005-138.html
http://www.redhat.com/support/errata/RHSA-2005-150.html
http://www.securityfocus.com/bid/12417
1617508 https://bugzilla.redhat.com/show_bug.cgi?id=1617508
cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
CVE-2005-0247 https://nvd.nist.gov/vuln/detail/CVE-2005-0247
RHSA-2005:138 https://access.redhat.com/errata/RHSA-2005:138
RHSA-2005:141 https://access.redhat.com/errata/RHSA-2005:141
RHSA-2005:150 https://access.redhat.com/errata/RHSA-2005:150
USN-79-1 https://usn.ubuntu.com/79-1/
No exploits are available.
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-0247
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.81408
EPSS Score 0.0185
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.