VYPR
Unrated severityNVD Advisory· Published Jun 19, 2007· Updated Jun 16, 2026

CVE-2007-3280

CVE-2007-3280

Description

The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:postgresql:postgresql:8.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:postgresql:postgresql:8.1:*:*:*:*:*:*:*
    • (no CPE)range: =8.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.