The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1378043 | Issue Tracking Third Party Advisory |
https://www.postgresql.org/support/security/ | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-08-20 21:29
Updated : 2024-02-28 16:48
NVD link : CVE-2016-7048
Mitre link : CVE-2016-7048
CVE.ORG link : CVE-2016-7048
JSON object : View
Products Affected
postgresql
- postgresql
CWE
CWE-284
Improper Access Control