The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1378043 | Issue Tracking Third Party Advisory |
https://www.postgresql.org/support/security/ | Patch Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1378043 | Issue Tracking Third Party Advisory |
https://www.postgresql.org/support/security/ | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1378043 - Issue Tracking, Third Party Advisory | |
References | () https://www.postgresql.org/support/security/ - Patch, Vendor Advisory |
Information
Published : 2018-08-20 21:29
Updated : 2024-11-21 02:57
NVD link : CVE-2016-7048
Mitre link : CVE-2016-7048
CVE.ORG link : CVE-2016-7048
JSON object : View
Products Affected
postgresql
- postgresql
CWE
CWE-284
Improper Access Control