virus logo FortiClient Vulnerability

PostgreSQL CVE-2016-5424 Code Injection Vulnerability

description-logoDescription

A flaw was found in the way PostgreSQL client programs handled database and role names containing newlines, carriage returns, double quotes, or backslashes. By crafting such an object name, roles with the CREATEDB or CREATEROLE option could escalate their privileges to superuser when a superuser next executes maintenance with a vulnerable client program.

affected-products-logoAffected Applications

PostgreSQL

CVE References

CVE-2016-5424

Other References

https://www.postgresql.org/support/security/
ID 31612
Created Jul 11, 2018
Description
Updated		 Mar 01, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor PostgreSQL
Patch manual
Application PostgreSQL