Unrated severityNVD Advisory· Published Feb 1, 2005· Updated Apr 16, 2026
CVE-2005-0245
CVE-2005-0245
Description
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
Affected products
2cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*range: >=7.3,<7.3.10
- cpe:2.3:a:postgresql:postgresql:8.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- www.redhat.com/support/errata/RHSA-2005-138.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-150.htmlnvdPatchVendor Advisory
- archives.postgresql.org/pgsql-patches/2005-01/msg00216.phpnvdExploitVendor Advisory
- secunia.com/advisories/12948nvdExploitPatchVendor Advisory
- www.debian.org/security/2005/dsa-683nvdExploitVendor Advisory
- archives.postgresql.org/pgsql-committers/2005-01/msg00298.phpnvdVendor Advisory
- archives.postgresql.org/pgsql-committers/2005-02/msg00049.phpnvdVendor Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- www.securityfocus.com/bid/12417nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/19188nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10175nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.novell.com/linux/security/advisories/2005_36_sudo.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.