Home > Vulnerability Database > CVE-2014-0062

Mend.io Vulnerability Database

CVE-2014-0062

Good to know:

Date: March 28, 2014

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

Language: C

Severity Score

5.0

Related Resources (22)

Url: http://wiki.postgresql.org/wiki/20140220securityrelease

Url: http://www.ubuntu.com/usn/USN-2120-1

Url: http://secunia.com/advisories/61307

Url: http://rhn.redhat.com/errata/RHSA-2014-0211.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-0062

Url: http://rhn.redhat.com/errata/RHSA-2014-0469.html

Url: http://www.postgresql.org/about/news/1506/

Url: http://rhn.redhat.com/errata/RHSA-2014-0221.html

Url: http://www.securityfocus.com/bid/65727

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0062

Url: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Url: http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html

Url: http://support.apple.com/kb/HT6448

Url: http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html

Url: http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html

Url: http://rhn.redhat.com/errata/RHSA-2014-0249.html

Url: https://support.apple.com/kb/HT6536

Url: http://www.debian.org/security/2014/dsa-2865

Url: https://access.redhat.com/security/cve/CVE-2014-0062

Url: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Url: http://www.debian.org/security/2014/dsa-2864

Url: https://www.mend.io/vulnerability-database/CVE-2014-0062

Severity Score

5.0

Weakness Type (CWE)

Race Conditions

CWE-362

Top Fix

Upgrade Version

Upgrade to version 8.4.20,9.0.16,9.1.12,9.2.7,9.3.3

Learn More

CVSS v3

Base Score:	5.0
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL

CVSS v2

Base Score:	5.4
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	LOW
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-0062

Good to know:

Date: March 28, 2014

Language: C

Severity Score

Related Resources (22)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3

CVSS v2

Do you need more information?