Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0062

Опубликовано: 17 фев. 2014
Источник: redhat
CVSS2: 3.5
EPSS Низкий

Описание

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
CloudForms Management Engine 5postgresqlWill not fix
Red Hat Enterprise Linux 7postgresqlNot affected
CloudForms Management Engine 5.xcfmeFixedRHSA-2014:046912.05.2014
CloudForms Management Engine 5.xpostgresql92-postgresqlFixedRHSA-2014:046912.05.2014
CloudForms Management Engine 5.xprinceFixedRHSA-2014:046912.05.2014
CloudForms Management Engine 5.xruby193-rubygem-actionpackFixedRHSA-2014:046912.05.2014
Red Hat Enterprise Linux 5postgresql84FixedRHSA-2014:021125.02.2014
Red Hat Enterprise Linux 5postgresqlFixedRHSA-2014:024904.03.2014
Red Hat Enterprise Linux 6postgresqlFixedRHSA-2014:021125.02.2014
Red Hat Software Collections for RHEL-6postgresql92-postgresqlFixedRHSA-2014:022127.02.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1065222postgresql: CREATE INDEX race condition possibly leading to privilege escalation

EPSS

Процентиль: 72%
0.00757
Низкий

3.5 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0062

ubuntu
около 11 лет назад

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

nvd логотип

CVE-2014-0062

nvd
около 11 лет назад

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

debian логотип

CVE-2014-0062

debian
около 11 лет назад

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE ...

github логотип

GHSA-v5fw-6c5r-3rm6

github
около 3 лет назад

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

oracle-oval логотип

ELSA-2014-0249

oracle-oval
больше 11 лет назад

ELSA-2014-0249: postgresql security update (IMPORTANT)

EPSS

Процентиль: 72%
0.00757
Низкий

3.5 Low

CVSS2