CVE-2014-0067
published 2014-03-31CVE-2014-0067: The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a…
medium4.6CVSS 3.1
AVLACLAuNCPIPAP
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
Affected
61 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | — | — |
| apple | os_x_server_v5.0.3 | — | — |
| apple | os_x_yosemite_v10.10.5_and_security_update_2015-006 | — | — |
| postgresql | postgresql | <= 8.4.19 | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
CVSS provenance
nvd4.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM