Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2013-1903 (GCVE-0-2013-1903)
Vulnerability from cvelistv5 – Published: 2013-04-04 17:00 – Updated: 2024-08-06 15:20
VLAI?
EPSS
Summary
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postgresql.org/support/security/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-19T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postgresql.org/support/security/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.postgresql.org/about/news/1456/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://www.postgresql.org/support/security/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/support/security/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1903",
"datePublished": "2013-04-04T17:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTA-2013-AVI-529
Vulnerability from certfr_avis - Published: 2013-09-13 - Updated: 2013-09-13
De multiples vulnérabilités ont été corrigées dans Apple OS X Mountain Lion. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Apple OS X Mountain Lion versions antérieures à 10.8.5
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eApple OS X Mountain Lion versions ant\u00e9rieures \u00e0 10.8.5\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-5166",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5166"
},
{
"name": "CVE-2013-1027",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1027"
},
{
"name": "CVE-2012-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
},
{
"name": "CVE-2013-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1635"
},
{
"name": "CVE-2013-1029",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1029"
},
{
"name": "CVE-2013-1899",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1899"
},
{
"name": "CVE-2013-1901",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1901"
},
{
"name": "CVE-2013-1032",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1032"
},
{
"name": "CVE-2012-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2687"
},
{
"name": "CVE-2013-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1643"
},
{
"name": "CVE-2013-1031",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1031"
},
{
"name": "CVE-2012-5688",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5688"
},
{
"name": "CVE-2013-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0166"
},
{
"name": "CVE-2013-1033",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1033"
},
{
"name": "CVE-2012-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2686"
},
{
"name": "CVE-2012-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3817"
},
{
"name": "CVE-2013-2021",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2021"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2012-4558",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4558"
},
{
"name": "CVE-2013-1025",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1025"
},
{
"name": "CVE-2013-1028",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1028"
},
{
"name": "CVE-2013-1903",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1903"
},
{
"name": "CVE-2013-2020",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2020"
},
{
"name": "CVE-2012-3499",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3499"
},
{
"name": "CVE-2013-1900",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1900"
},
{
"name": "CVE-2013-1824",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1824"
},
{
"name": "CVE-2013-2110",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2110"
},
{
"name": "CVE-2013-2266",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2266"
},
{
"name": "CVE-2013-1026",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1026"
},
{
"name": "CVE-2013-1902",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1902"
},
{
"name": "CVE-2012-0883",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0883"
},
{
"name": "CVE-2013-1030",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1030"
}
],
"initial_release_date": "2013-09-13T00:00:00",
"last_revision_date": "2013-09-13T00:00:00",
"links": [],
"reference": "CERTA-2013-AVI-529",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-09-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OS X Mountain Lion\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OS X Mountain Lion",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 septembre 2013",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
}
]
}
CERTA-2013-AVI-221
Vulnerability from certfr_avis - Published: 2013-04-05 - Updated: 2013-04-05
De multiples vulnérabilités ont été corrigées dans PostgreSQL. Elles permettent à un attaquant de provoquer un déni de service, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| PostgreSQL | PostgreSQL | PostgreSQL versions antérieures à 9.0.13 | ||
| PostgreSQL | PostgreSQL | PostgreSQL versions antérieures à 9.1.9 | ||
| PostgreSQL | PostgreSQL | PostgreSQL versions antérieures à 9.2.4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PostgreSQL versions ant\u00e9rieures \u00e0 9.0.13",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
},
{
"description": "PostgreSQL versions ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
},
{
"description": "PostgreSQL versions ant\u00e9rieures \u00e0 9.2.4",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-1899",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1899"
},
{
"name": "CVE-2013-1901",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1901"
},
{
"name": "CVE-2013-1903",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1903"
},
{
"name": "CVE-2013-1900",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1900"
},
{
"name": "CVE-2013-1902",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1902"
}
],
"initial_release_date": "2013-04-05T00:00:00",
"last_revision_date": "2013-04-05T00:00:00",
"links": [],
"reference": "CERTA-2013-AVI-221",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-04-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ePostgreSQL\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans PostgreSQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 PostgreSQL du 04 avril 2013",
"url": "http://www.postgresql.org/support/security/faq/2013-04-04/"
}
]
}
GSD-2013-1903
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-1903",
"description": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors.",
"id": "GSD-2013-1903"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-1903"
],
"details": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors.",
"id": "GSD-2013-1903",
"modified": "2023-12-13T01:22:20.834116Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.postgresql.org/about/news/1456/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://www.postgresql.org/support/security/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/support/security/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1903"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.postgresql.org/support/security/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/support/security/"
},
{
"name": "http://www.postgresql.org/about/news/1456/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-10-20T01:29Z",
"publishedDate": "2013-04-04T17:55Z"
}
}
}
GHSA-476G-PGXP-V92X
Vulnerability from github – Published: 2022-05-17 00:32 – Updated: 2025-04-11 04:09
VLAI?
Details
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.
{
"affected": [],
"aliases": [
"CVE-2013-1903"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-04-04T17:55:00Z",
"severity": "HIGH"
},
"details": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors.",
"id": "GHSA-476g-pgxp-v92x",
"modified": "2025-04-11T04:09:03Z",
"published": "2022-05-17T00:32:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1903"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"type": "WEB",
"url": "http://www.postgresql.org/about/news/1456"
},
{
"type": "WEB",
"url": "http://www.postgresql.org/support/security"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2013-1903
Vulnerability from fkie_nvd - Published: 2013-04-04 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD27648F-E2FF-4779-97F9-2632DCC6B16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFB4916-8B59-4534-804C-CF9DA1B18508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3413A3AB-45A3-48E1-9B30-1194C4E7D49D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5760CE83-4802-42A0-9338-E1E634882450",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4796DBEC-FF4F-4749-90D5-AD83D8B5E086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79108278-D644-4506-BD9C-F464C6E817B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10CF0AA0-41CD-4D50-BA7A-BF8846115C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "965E1A9D-BB23-4C0B-A9CA-54A1855055B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F37C66-0AFE-4D59-8867-BDBCE656774E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE53AE6-232C-4068-98D1-7749007C3CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD38139-FD17-41E7-8D10-7731D8203CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC0B41F-38FF-4D41-9E31-D666A84BB2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A591CB08-5CEB-45EB-876F-417DCD60AF53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD4DE67-9E3C-4F79-8AAB-344C1C46C618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB718D2-97AA-4D61-AA4B-2216EEF55F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "605C06BF-54A0-40F8-A01E-8641B4A83035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1F5B75-78D5-408E-8148-CA23DCED9CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE8C27-0E0A-4428-B25D-054D4FC6FEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F609DDE4-0858-4F83-B8E6-7870196E21CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "349F02AF-013E-4264-9717-010293A3D6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "047926F2-846A-4870-9640-9A4F2804D71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0165D8-0BFA-4D46-95A3-45A03DC086FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6CF6A0-43DC-4C64-A3C4-01EB36F6672B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8251C0-9CAE-4608-BC11-75646A601408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AC024E5D-122D-4E3D-AD24-759AB5940F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "723336B5-405A-4236-A507-2C26E591CF49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F30CA60-0A82-45CD-8044-CE245393593D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C991F71-1E27-47A6-97DC-424FC3EF6011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5740C7AA-1772-41D8-9851-3E3669CD8521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "970338CD-A680-4DD0-BD27-459B0DDA4002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9E57FA-5EAE-4698-992D-146C6310E0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "87DF2937-9C51-4768-BAB1-901BCA636ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0EB754-7A71-40FA-9EAD-44914EB758C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1089D316-D5A3-4F2D-9E52-57FD626A1D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F17D9158-E85A-4436-9180-E8546CF8F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "64CBBE6E-8FDA-46AD-96A9-8C6CFFE97ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A0D13E-6B06-42E9-BEB9-C8FCC3A4E2ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AB79FB06-4712-4DE8-8C0B-5CEE8530828D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7054A3D4-8C52-4636-B135-1078B8DF1D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A6763B2A-00C4-4AAB-8769-9AAEE4BAA603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A705DF-3654-427F-8B11-62DB0B6C9813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05AD5D33-86F4-4BFF-BA84-02AA1347BEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "02FDCF30-D0F7-48AA-9633-9CC060495F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "788975F6-B3F1-4C21-B963-6BA59F14B71C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6713D96-338B-4467-9F05-3153997F62E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "01EB1A77-92AD-47FB-8290-D05C9B6C19C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74857259-30C7-422D-A24D-BE1E33F09466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD80066B-787E-496B-88FD-F0AE291468C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "88C9F0AB-A125-4DCD-A02B-E04D4D95FB5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF13F89-F4C3-43EC-A36A-2F9283E923B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F2631F09-73DD-4A28-8082-3939D89DDBE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "82DDE9E7-EBF9-452B-8380-F9E87CF30ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE68CF-198D-4F01-92F3-4DED7E50ACA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EF798CBC-C8BB-4F88-A927-B385A0DD8F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F568F-7D23-4553-95C5-C7C6B6584EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB64EA-DE7B-4CA4-8121-90612409152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7A932403-9187-471B-BE65-4B6907D57D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC6D76B-EF54-4F03-84BB-4CEAE31C4FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4CDA93-AEF6-489E-A5A1-BDC62BC9707B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "6866FCCB-1E43-4D8A-BC89-F06CB7A904B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1198129D-E814-4BB8-88DA-E500EB65E01D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1937DF43-31CA-4AB8-8832-96AAD73A7FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:8.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "59AC452F-3902-4E6C-856D-469C87AAC1C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to \"graphical installers for Linux and Mac OS X,\" which has unspecified impact and attack vectors."
},
{
"lang": "es",
"value": "PostgreSQL, probablemente en v9.2.x anterior a v9.2.4, v9.1.x anterior a v9.1.9, v9.0.x anterior a v9.0.13, v8.4.x anterior a v8.4.17, y v8.3.x anterior a v8.3.23 proporciona incorrectamente la contrase\u00f1a de superusuario a los scripts relacionados con \"instaladores gr\u00e1ficos para Linux y Mac OS X\", que tiene un impacto y vectores de ataque no especificados."
}
],
"id": "CVE-2013-1903",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-04T17:55:00.957",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/support/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/about/news/1456/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.postgresql.org/support/security/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…