Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-03-31 14:58
Updated : 2024-02-28 12:20
NVD link : CVE-2014-0062
Mitre link : CVE-2014-0062
CVE.ORG link : CVE-2014-0062
JSON object : View
Products Affected
postgresql
- postgresql
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')