CVE-2005-0245

Name: CVE-2005-0245
Creator: NVD / NIST
Published: 2005-02-01T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 14.47%

Last modified Jun 16, 2026

CVE-2005-0245 is a vulnerability of currently unknown severity. Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.. EPSS estimates a 14.47% chance of exploitation in the next 30 days.

Description

Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.

Metrics

EPSS Probability

14.47%

96.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Postgresql	Postgresql	>= 7.3, < 7.3.10
Postgresql	Postgresql	>= 7.4, < 7.4.7
Postgresql	Postgresql	8.0

References

http://archives.postgresql.org/pgsql-committers/2005-01/msg00298.phpVendor Advisory
http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.phpVendor Advisory
http://archives.postgresql.org/pgsql-patches/2005-01/msg00216.phpExploit, Vendor Advisory
http://marc.info/?l=bugtraq&m=110806034116082&w=2Issue Tracking, Third Party Advisory
http://secunia.com/advisories/12948Exploit, Patch, Vendor Advisory
http://www.debian.org/security/2005/dsa-683Exploit, Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:040Broken Link
http://www.novell.com/linux/security/advisories/2005_36_sudo.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-138.htmlPatch, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-150.htmlPatch, Vendor Advisory
http://www.securityfocus.com/bid/12417Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/19188Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10175Third Party Advisory
http://archives.postgresql.org/pgsql-committers/2005-01/msg00298.phpVendor Advisory
http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.phpVendor Advisory
http://archives.postgresql.org/pgsql-patches/2005-01/msg00216.phpExploit, Vendor Advisory
http://marc.info/?l=bugtraq&m=110806034116082&w=2Issue Tracking, Third Party Advisory
http://secunia.com/advisories/12948Exploit, Patch, Vendor Advisory
http://www.debian.org/security/2005/dsa-683Exploit, Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:040Broken Link
http://www.novell.com/linux/security/advisories/2005_36_sudo.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-138.htmlPatch, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-150.htmlPatch, Vendor Advisory
http://www.securityfocus.com/bid/12417Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/19188Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10175Third Party Advisory

Timeline

Published: Feb 1, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-0245?

How severe is CVE-2005-0245?

Severity scoring for CVE-2005-0245 is pending analysis. The EPSS model estimates a 14.47% probability of exploitation in the next 30 days.

How do I fix CVE-2005-0245?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-0245?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST