CVE-2014-0062
Description
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
Risk Information
Base Score
10.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.382
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Postgresql 9.3.2 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.3 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.7 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.12 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.16 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 8.4.20 | Windows |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-contrib-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-contrib-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-devel-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-devel-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-docs-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-docs-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-libs-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-libs-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-plperl-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-plperl-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-plpython-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-plpython-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-pltcl-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-pltcl-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-python-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-python-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-server-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-server-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-tcl-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-tcl-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-test-8.4.20-1.el5_10.i386.rpm | Linux |
| (RHSA-2014:0211) Important: postgresql84 and postgresql security update postgresql84-test-8.4.20-1.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-contrib-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-contrib-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-devel-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-devel-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-docs-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-docs-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-libs-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-libs-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-pl-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-pl-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-python-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-python-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-server-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-server-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-tcl-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-tcl-8.1.23-10.el5_10.x86_64.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-test-8.1.23-10.el5_10.i386.rpm | Linux |
| (RHSA-2014:0249) Important: postgresql security update postgresql-test-8.1.23-10.el5_10.x86_64.rpm | Linux |
| Multiple Vulnerabilities are affected in Postgresql 9.3.2 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.3 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.7 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.12 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.16 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 8.4.20 (For Linux) | Linux |
| Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2014-0062) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234