Vulnerability Details : CVE-2012-3488
The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.
Vulnerability category: XML external entity (XXE) injection
Products affected by CVE-2012-3488
- cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.18:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:8.3.19:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*
Threat overview for CVE-2012-3488
Top countries where our scanners detected CVE-2012-3488
Top open port discovered on systems with this issue
5432
IPs affected by CVE-2012-3488 33,214
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2012-3488!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2012-3488
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3488
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N |
6.8
|
4.9
|
NIST |
CWE ids for CVE-2012-3488
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3488
-
http://www.postgresql.org/support/security/
PostgreSQL: Security InformationVendor Advisory
-
http://www.securityfocus.com/bid/55072
PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
-
http://www.postgresql.org/docs/8.3/static/release-8-3-20.html
PostgreSQL: Documentation: 8.3: Release 8.3.20
-
https://bugzilla.redhat.com/show_bug.cgi?id=849172
849172 – (CVE-2012-3488) CVE-2012-3488 postgresql (xml2 contrib module): XXE by applying XSL stylesheet to the document
-
http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html
Apple - Lists.apple.com
-
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Juniper Networks - 2015-10 Security Bulletin: CTPView: Multiple Vulnerabilities in CTPView
-
http://rhn.redhat.com/errata/RHSA-2012-1263.html
RHSA-2012:1263 - Security Advisory - Red Hat Customer Portal
-
http://www.postgresql.org/docs/9.0/static/release-9-0-9.html
PostgreSQL: Documentation: 9.0: Release 9.0.9
-
http://www.postgresql.org/docs/8.4/static/release-8-4-13.html
PostgreSQL: Documentation: 8.4: Release 8.4.13
-
http://www.postgresql.org/docs/9.1/static/release-9-1-5.html
PostgreSQL: Documentation: 9.1: Release 9.1.5
-
http://www.debian.org/security/2012/dsa-2534
Debian -- Security Information -- DSA-2534-1 postgresql-8.4
-
http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html
openSUSE-SU-2012:1299-1: moderate: postgresql: security and bugfix upgra
-
http://www.postgresql.org/about/news/1407/
PostgreSQL: Security Update 2012-08-17 releasedVendor Advisory
-
http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html
openSUSE-SU-2012:1251-1: moderate: postgresql, postgresql-libs
-
http://www.mandriva.com/security/advisories?name=MDVSA-2012:139
mandriva.com
-
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_postgresql2
Multiple vulnerabilities in PostgreSQL | Oracle Third Party Vulnerability Resolution Blog
-
http://www.ubuntu.com/usn/USN-1542-1
USN-1542-1: PostgreSQL vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html
openSUSE-SU-2012:1288-1: moderate: postgresql, postgresql-libs
-
http://rhn.redhat.com/errata/RHSA-2012-1264.html
RHSA-2012:1264 - Security Advisory - Red Hat Customer Portal
Jump to