vulnerability

Ubuntu: USN-3066-1 (CVE-2016-5424): PostgreSQL vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:S/C:P/I:P/A:P)	Aug 18, 2016	Aug 22, 2016	Apr 14, 2025

Severity

CVSS

(AV:N/AC:H/Au:S/C:P/I:P/A:P)

Published

Aug 18, 2016

Added

Aug 22, 2016

Modified

Apr 14, 2025

Description

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain
nested CASE/WHEN expressions. A remote attacker could possibly use this
issue to cause PostgreSQL to crash, resulting in a denial of service.
(CVE-2016-5423)

Nathan Bossart discovered that PostgreSQL incorrectly handled special
characters in database and role names. A remote attacker could possibly use
this issue to escalate privileges. (CVE-2016-5424)

Solution(s)

ubuntu-upgrade-postgresql-9-1ubuntu-upgrade-postgresql-9-3ubuntu-upgrade-postgresql-9-5

References

CVE-2016-5424
https://attackerkb.com/topics/CVE-2016-5424
DEBIAN-DLA-592-1
DEBIAN-DSA-3646
DISA_SEVERITY-Category I
IAVM-2016-B-0129
NVD-CVE-2016-5424
UBUNTU-USN-3066-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today