Lucene search

K
cveRedhatCVE-2010-1169
HistoryMay 19, 2010 - 6:30 p.m.

CVE-2010-1169

2010-05-1918:30:02
CWE-94
redhat
web.nvd.nist.gov
243
postgresql
cve-2010-1169
pl/perl
remote code execution
safe module
nvd

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.2%

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

Affected configurations

Nvd
Node
postgresqlpostgresqlMatch7.4
OR
postgresqlpostgresqlMatch7.4.1
OR
postgresqlpostgresqlMatch7.4.2
OR
postgresqlpostgresqlMatch7.4.3
OR
postgresqlpostgresqlMatch7.4.4
OR
postgresqlpostgresqlMatch7.4.5
OR
postgresqlpostgresqlMatch7.4.6
OR
postgresqlpostgresqlMatch7.4.7
OR
postgresqlpostgresqlMatch7.4.8
OR
postgresqlpostgresqlMatch7.4.9
OR
postgresqlpostgresqlMatch7.4.10
OR
postgresqlpostgresqlMatch7.4.11
OR
postgresqlpostgresqlMatch7.4.12
OR
postgresqlpostgresqlMatch7.4.13
OR
postgresqlpostgresqlMatch7.4.14
OR
postgresqlpostgresqlMatch7.4.15
OR
postgresqlpostgresqlMatch7.4.16
OR
postgresqlpostgresqlMatch7.4.17
OR
postgresqlpostgresqlMatch7.4.18
OR
postgresqlpostgresqlMatch7.4.19
OR
postgresqlpostgresqlMatch7.4.20
OR
postgresqlpostgresqlMatch7.4.21
OR
postgresqlpostgresqlMatch7.4.22
OR
postgresqlpostgresqlMatch7.4.23
OR
postgresqlpostgresqlMatch7.4.24
OR
postgresqlpostgresqlMatch7.4.25
OR
postgresqlpostgresqlMatch7.4.26
OR
postgresqlpostgresqlMatch7.4.27
OR
postgresqlpostgresqlMatch7.4.28
Node
postgresqlpostgresqlMatch8.0
OR
postgresqlpostgresqlMatch8.0.0
OR
postgresqlpostgresqlMatch8.0.1
OR
postgresqlpostgresqlMatch8.0.2
OR
postgresqlpostgresqlMatch8.0.3
OR
postgresqlpostgresqlMatch8.0.4
OR
postgresqlpostgresqlMatch8.0.5
OR
postgresqlpostgresqlMatch8.0.6
OR
postgresqlpostgresqlMatch8.0.7
OR
postgresqlpostgresqlMatch8.0.8
OR
postgresqlpostgresqlMatch8.0.9
OR
postgresqlpostgresqlMatch8.0.10
OR
postgresqlpostgresqlMatch8.0.11
OR
postgresqlpostgresqlMatch8.0.12
OR
postgresqlpostgresqlMatch8.0.13
OR
postgresqlpostgresqlMatch8.0.14
OR
postgresqlpostgresqlMatch8.0.15
OR
postgresqlpostgresqlMatch8.0.16
OR
postgresqlpostgresqlMatch8.0.17
OR
postgresqlpostgresqlMatch8.0.18
OR
postgresqlpostgresqlMatch8.0.19
OR
postgresqlpostgresqlMatch8.0.20
OR
postgresqlpostgresqlMatch8.0.21
OR
postgresqlpostgresqlMatch8.0.22
OR
postgresqlpostgresqlMatch8.0.23
OR
postgresqlpostgresqlMatch8.0.24
Node
postgresqlpostgresqlMatch8.1
OR
postgresqlpostgresqlMatch8.1.0
OR
postgresqlpostgresqlMatch8.1.1
OR
postgresqlpostgresqlMatch8.1.2
OR
postgresqlpostgresqlMatch8.1.3
OR
postgresqlpostgresqlMatch8.1.4
OR
postgresqlpostgresqlMatch8.1.5
OR
postgresqlpostgresqlMatch8.1.6
OR
postgresqlpostgresqlMatch8.1.7
OR
postgresqlpostgresqlMatch8.1.8
OR
postgresqlpostgresqlMatch8.1.9
OR
postgresqlpostgresqlMatch8.1.10
OR
postgresqlpostgresqlMatch8.1.11
OR
postgresqlpostgresqlMatch8.1.12
OR
postgresqlpostgresqlMatch8.1.13
OR
postgresqlpostgresqlMatch8.1.14
OR
postgresqlpostgresqlMatch8.1.15
OR
postgresqlpostgresqlMatch8.1.16
OR
postgresqlpostgresqlMatch8.1.17
OR
postgresqlpostgresqlMatch8.1.18
OR
postgresqlpostgresqlMatch8.1.19
OR
postgresqlpostgresqlMatch8.1.20
Node
postgresqlpostgresqlMatch8.2
OR
postgresqlpostgresqlMatch8.2.1
OR
postgresqlpostgresqlMatch8.2.2
OR
postgresqlpostgresqlMatch8.2.3
OR
postgresqlpostgresqlMatch8.2.4
OR
postgresqlpostgresqlMatch8.2.5
OR
postgresqlpostgresqlMatch8.2.6
OR
postgresqlpostgresqlMatch8.2.7
OR
postgresqlpostgresqlMatch8.2.8
OR
postgresqlpostgresqlMatch8.2.9
OR
postgresqlpostgresqlMatch8.2.10
OR
postgresqlpostgresqlMatch8.2.11
OR
postgresqlpostgresqlMatch8.2.12
OR
postgresqlpostgresqlMatch8.2.13
OR
postgresqlpostgresqlMatch8.2.14
OR
postgresqlpostgresqlMatch8.2.15
OR
postgresqlpostgresqlMatch8.2.16
Node
postgresqlpostgresqlMatch8.3
OR
postgresqlpostgresqlMatch8.3.1
OR
postgresqlpostgresqlMatch8.3.2
OR
postgresqlpostgresqlMatch8.3.3
OR
postgresqlpostgresqlMatch8.3.4
OR
postgresqlpostgresqlMatch8.3.5
OR
postgresqlpostgresqlMatch8.3.6
OR
postgresqlpostgresqlMatch8.3.7
OR
postgresqlpostgresqlMatch8.3.8
OR
postgresqlpostgresqlMatch8.3.9
OR
postgresqlpostgresqlMatch8.3.10
Node
postgresqlpostgresqlMatch8.4
OR
postgresqlpostgresqlMatch8.4.1
OR
postgresqlpostgresqlMatch8.4.2
OR
postgresqlpostgresqlMatch8.4.3
Node
postgresqlpostgresqlMatch9.0.0beta1
VendorProductVersionCPE
postgresqlpostgresql7.4.19cpe:/a:postgresql:postgresql:7.4.19:::
postgresqlpostgresql7.4.7cpe:/a:postgresql:postgresql:7.4.7:::
postgresqlpostgresql7.4.22cpe:/a:postgresql:postgresql:7.4.22:::
postgresqlpostgresql7.4.12cpe:/a:postgresql:postgresql:7.4.12:::
postgresqlpostgresql7.4.23cpe:/a:postgresql:postgresql:7.4.23:::
postgresqlpostgresql7.4.18cpe:/a:postgresql:postgresql:7.4.18:::
postgresqlpostgresql7.4cpe:/a:postgresql:postgresql:7.4:::
postgresqlpostgresql7.4.17cpe:/a:postgresql:postgresql:7.4.17:::
postgresqlpostgresql7.4.14cpe:/a:postgresql:postgresql:7.4.14:::
postgresqlpostgresql7.4.3cpe:/a:postgresql:postgresql:7.4.3:::
Rows per page:
1-10 of 291

References

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.2%