PostgreSQL: EnterpriseDB's installers for Linux and Mac OS X passed the database superuser password to a script in an insecure fashion.

description-logoDescription

The vulnerabilities in the following products could cause the system to become vulnerable to malicious security attack: PostgreSQL.

Analysis

Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.

affected-products-logoAffected Applications

PostgreSQL

CVE References

CVE-2013-1903