Description
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP eCommerce HTML Injection (3.8.7.1)
Oracle HTTP Server CVE-2013-1862 Vulnerability (CVE-2013-1862)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2865)
Ruby Cryptographic Issues Vulnerability (CVE-2013-4287)
WordPress Plugin WP Infusionsoft WooCommerce Cross-Site Scripting (1.0.8)