KLA11539
Multiple vulnerabilities in PostgreSQL

Обновлено: 03/06/2020

Дата обнаружения	08/08/2019
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: A vulnerability in PostgreSQL can be exploited to execute arbitrary code; Memory disclosure vulnerability in PostgreSQL can be exploited via reading arbitrary bytes of server memory to obtain sensitive information; A vulnerability in EnterpriseDB Windows installer can be exploited via writing PostgreSQL superuser password to unprotected temporary file to bypass security restrictions; A vulnerability in EnterpriseDB Windows installer can be exploited via bundling OpenSSL executes code from unprotected directory to bypass security restrictions;
Решение	Update to the latest version Download PostgreSQL
Первичный источник обнаружения	PostgreSQL 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24, and 12 Beta 3 Released!
Оказываемое влияние ?	ACE [?] OSI [?] SB [?]
Связанные продукты	PostgreSQL
CVE-IDS	CVE-2019-102086.5High CVE-2019-102093.5Warning CVE-2019-102101.9Warning CVE-2019-102117.5Critical
	Узнай статистику распространения уязвимостей в твоем регионе

KLA11539Multiple vulnerabilities in PostgreSQL