CVE-2016-0766
17.02.2016, 15:59
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.Enginsight
Vendor | Product | Version |
---|---|---|
postgresql | postgresql | 9.1.0 ≤ 𝑥 < 9.1.20 |
postgresql | postgresql | 9.2 ≤ 𝑥 < 9.2.15 |
postgresql | postgresql | 9.3 ≤ 𝑥 < 9.3.11 |
postgresql | postgresql | 9.4 ≤ 𝑥 < 9.4.6 |
postgresql | postgresql | 9.5 |
canonical | ubuntu_linux | 12.04 |
canonical | ubuntu_linux | 14.04 |
canonical | ubuntu_linux | 15.10 |
debian | debian_linux | 7.0 |
debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
postgresql-8.4 |
| ||||||||||||||
postgresql-9.1 |
| ||||||||||||||
postgresql-9.3 |
| ||||||||||||||
postgresql-9.4 |
| ||||||||||||||
postgresql-9.5 |
|
Common Weakness Enumeration
References