CVE-2013-1902

HIGH

Description

PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors related to "graphical installers for Linux and Mac OS X."

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.postgresql.org/about/news/1456/

http://www.postgresql.org/support/security/

Details

Source: MITRE

Published: 2013-04-04

Updated: 2017-10-20

Risk Information

CVSS v2.0

Base Score: 10

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 10

Severity: HIGH