CVE-2016-7048
Description
The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
9.571
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update PostgressSQL to 9.1.24 | Windows |
| Update PostgressSQL to 9.3.15 | Windows |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.5.5 | Windows |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.4.10 | Windows |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.3.15 | Windows |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.2.19 | Windows |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.1.24 | Windows |
| Update PostgressSQL to 9.1.24 (For Linux) | Linux |
| Update PostgressSQL to 9.3.15 (For Linux) | Linux |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.5.5 (For Linux) | Linux |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.4.10 (For Linux) | Linux |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.3.15 (For Linux) | Linux |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.2.19 (For Linux) | Linux |
| Vulnerabilities CVE-2016-7048 are fixed in PostgreSQL 9.1.24 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234