{
  "threat_severity" : "Important",
  "public_date" : "2014-02-17T00:00:00Z",
  "bugzilla" : {
    "description" : "postgresql: possible buffer overflow flaws",
    "id" : "1065235",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1065235"
  },
  "cvss" : {
    "cvss_base_score" : "6.5",
    "cvss_scoring_vector" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063." ],
  "acknowledgement" : "Red Hat would like to thank PostgreSQL project for reporting this issue. Upstream acknowledges Jozef Mlich and Peter Eisentraut as the original reporters.",
  "affected_release" : [ {
    "product_name" : "CloudForms Management Engine 5.x",
    "release_date" : "2014-05-12T00:00:00Z",
    "advisory" : "RHSA-2014:0469",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6",
    "package" : "cfme-0:5.2.3.2-1.el6cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.x",
    "release_date" : "2014-05-12T00:00:00Z",
    "advisory" : "RHSA-2014:0469",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6",
    "package" : "postgresql92-postgresql-0:9.2.7-1.1.el6"
  }, {
    "product_name" : "CloudForms Management Engine 5.x",
    "release_date" : "2014-05-12T00:00:00Z",
    "advisory" : "RHSA-2014:0469",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6",
    "package" : "prince-0:9.0r2-4.el6cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.x",
    "release_date" : "2014-05-12T00:00:00Z",
    "advisory" : "RHSA-2014:0469",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6",
    "package" : "ruby193-rubygem-actionpack-1:3.2.13-6.el6cf"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2014-02-25T00:00:00Z",
    "advisory" : "RHSA-2014:0211",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "postgresql84-0:8.4.20-1.el5_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2014-03-04T00:00:00Z",
    "advisory" : "RHSA-2014:0249",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "postgresql-0:8.1.23-10.el5_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2014-02-25T00:00:00Z",
    "advisory" : "RHSA-2014:0211",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "postgresql-0:8.4.20-1.el6_5"
  }, {
    "product_name" : "Red Hat Software Collections for RHEL-6",
    "release_date" : "2014-02-27T00:00:00Z",
    "advisory" : "RHSA-2014:0221",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "postgresql92-postgresql-0:9.2.7-1.1.el6"
  } ],
  "package_state" : [ {
    "product_name" : "CloudForms Management Engine 5",
    "fix_state" : "Will not fix",
    "package_name" : "postgresql",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-0065\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0065" ],
  "name" : "CVE-2014-0065",
  "csaw" : false
}