• Close
  • Back to search

    PostgreSQL class A vulnerability in core server: CVE-2013-1899

    Severity CVSS Published Added Modified
    7 (AV:N/AC:L/Au:S/C:P/I:P/A:P) April 03, 2013 April 04, 2013 March 31, 2014

    Available Exploits 

    Description

    Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a "-" (hyphen).

    Free Nexpose Download

    Discover, prioritize, and remediate security risks today!

     Download now

    References

    Solution

    postgres-upgrade-9_0_13

    Related Vulnerabilities