Vulnerability & Exploit Database

Back to search

ELSA-2012-1037 Moderate: Oracle Linux postgresql and postgresql84 security update

Severity CVSS Published Added Modified
7 (AV:N/AC:M/Au:N/C:P/I:P/A:P) July 04, 2012 July 16, 2012 July 03, 2017

Description

CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

oracle-linux-upgrade-postgresql

Related Vulnerabilities