Vulnerability Description
PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors related to "graphical installers for Linux and Mac OS X."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Postgresql | Postgresql | 9.2 |
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.postgresql.org/about/news/1456/Vendor Advisory
- http://www.postgresql.org/support/security/Vendor Advisory
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.postgresql.org/about/news/1456/Vendor Advisory
- http://www.postgresql.org/support/security/Vendor Advisory
FAQ
What is CVE-2013-1902?
CVE-2013-1902 is a vulnerability with a CVSS score of 10.0 (HIGH). PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecifi...
How severe is CVE-2013-1902?
CVE-2013-1902 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1902?
Check the references section above for vendor advisories and patch information. Affected products include: Postgresql Postgresql.