CVE-2016-0766
N/A
N/A
Summary
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
- http://www.postgresql.org/docs/current/static/release-9-3-11.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
- http://www.postgresql.org/docs/current/static/release-9-2-15.html
- http://www.postgresql.org/docs/current/static/release-9-5-1.html
- https://security.gentoo.org/glsa/201701-33
- http://www.postgresql.org/about/news/1644/
- http://www.securitytracker.com/id/1035005
- http://www.securityfocus.com/bid/83184
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
- http://www.postgresql.org/docs/current/static/release-9-4-6.html
- http://www.ubuntu.com/usn/USN-2894-1
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
- http://www.postgresql.org/docs/current/static/release-9-1-20.html
- http://www.debian.org/security/2016/dsa-3476
- http://www.debian.org/security/2016/dsa-3475
References
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
- http://www.postgresql.org/docs/current/static/release-9-3-11.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
- http://www.postgresql.org/docs/current/static/release-9-2-15.html
- http://www.postgresql.org/docs/current/static/release-9-5-1.html
- https://security.gentoo.org/glsa/201701-33
- http://www.postgresql.org/about/news/1644/
- http://www.securitytracker.com/id/1035005
- http://www.securityfocus.com/bid/83184
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
- http://www.postgresql.org/docs/current/static/release-9-4-6.html
- http://www.ubuntu.com/usn/USN-2894-1
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
- http://www.postgresql.org/docs/current/static/release-9-1-20.html
- http://www.debian.org/security/2016/dsa-3476
- http://www.debian.org/security/2016/dsa-3475
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.