Description
PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors related to "graphical installers for Linux and Mac OS X."
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/about/news/1456/
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/support/security/
Scores
EPSS
0.0052
EPSS Percentile
67.1%
Details
Status
published
Products (50)
postgresql/postgresql
9.2
postgresql/postgresql
9.2.1
postgresql/postgresql
9.2.2
postgresql/postgresql
9.2.3
postgresql/postgresql
9.1
postgresql/postgresql
9.1.1
postgresql/postgresql
9.1.2
postgresql/postgresql
9.1.3
postgresql/postgresql
9.1.4
postgresql/postgresql
9.1.5
... and 40 more
Published
Apr 04, 2013
Tracked Since
Feb 18, 2026