CVE-2007-3278 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-3278 Interim 1 3 2021-06-09T08:41:11Z current 2021-05-30T12:39:15Z 2021-06-09T08:41:11Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-3278 PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. CVE-2007-3278 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C