Description

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.

Remediation

References

CVE-2007-6601

Related Vulnerabilities

Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232)

PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3796)

WordPress Plugin Smart Manager for WooCommerce & WPeC SQL Injection (3.9.6)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1761)

MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4624)

Severity

High

Classification

CVE-2007-6601 CWE-287

Tags

Missing Update Known Vulnerabilities