SQL Injection Vulnerability in PostgreSQL JDBC Driver by PostgreSQL
CVE-2012-1618

Currently unrated

Key Information:

Vendor

Postgresql
Status
Postgresql
Postgresql Jdbc Driver
Vendor
CVE Published:
6 October 2012

What is CVE-2012-1618?

A flaw exists within the PostgreSQL JDBC driver versions prior to 8.2 that fails to properly escape unspecified JDBC statement parameters when interacting with a PostgreSQL server configured with the 'standard_conforming_strings' option enabled. This misconfiguration, prevalent in the default settings of PostgreSQL 9.1, allows remote attackers to execute SQL injection attacks, potentially leading to unauthorized access or data manipulation within the database.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/03/30/9
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2012/04/02/4
mailing-listx_refsource_MLIST
https://bugzilla.novell.com/show_bug.cgi?id=754273
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.