Summary
This host is installed with PostgreSQL and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to modify data, obtain sensitive information or trigger outbound traffic to arbitrary external hosts.
Impact Level: Application
Solution
Upgrade to PostgreSQL 8.3.20, 8.4.13, 9.0.9 or 9.1.5 or later, For updates refer to http://www.postgresql.org/download/
Insight
- An error exists within the 'xml_parse()' function when parsing DTD data within XML documents.
- An error exists within the 'xslt_process()' when parsing XSLT style sheets.
Affected
PostgreSQL versions 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 on Windows
References
Severity
Classification
-
CVE CVE-2012-3488, CVE-2012-3489 -
CVSS Base Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N
Related Vulnerabilities