The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
Exploitability
AV:NAC:LAu:SImpact
C:NI:NA:P4/AV:N/AC:L/Au:S/C:N/I:N/A:P