The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Postgresql | Postgresql | 7.4 (including) | 7.4.19 (excluding) |
Postgresql | Postgresql | 8.0 (including) | 8.0.15 (excluding) |
Postgresql | Postgresql | 8.1 (including) | 8.1.11 (excluding) |
Postgresql | Postgresql | 8.2 (including) | 8.2.6 (excluding) |
Tcl/tk | Tcl | * | 8.4.17 (excluding) |