Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-1447
HistoryMay 19, 2010 - 6:30 p.m.

CVE-2010-1447

2010-05-1918:30:03
CWE-264
[email protected]
web.nvd.nist.gov
8

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.005

Percentile

76.9%

JSON

The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.

Affected configurations

Nvd
Node
postgresqlpostgresqlMatch7.4
OR
postgresqlpostgresqlMatch7.4.1
OR
postgresqlpostgresqlMatch7.4.2
OR
postgresqlpostgresqlMatch7.4.3
OR
postgresqlpostgresqlMatch7.4.4
OR
postgresqlpostgresqlMatch7.4.5
OR
postgresqlpostgresqlMatch7.4.6
OR
postgresqlpostgresqlMatch7.4.7
OR
postgresqlpostgresqlMatch7.4.8
OR
postgresqlpostgresqlMatch7.4.9
OR
postgresqlpostgresqlMatch7.4.10
OR
postgresqlpostgresqlMatch7.4.11
OR
postgresqlpostgresqlMatch7.4.12
OR
postgresqlpostgresqlMatch7.4.13
OR
postgresqlpostgresqlMatch7.4.14
OR
postgresqlpostgresqlMatch7.4.15
OR
postgresqlpostgresqlMatch7.4.16
OR
postgresqlpostgresqlMatch7.4.17
OR
postgresqlpostgresqlMatch7.4.18
OR
postgresqlpostgresqlMatch7.4.19
OR
postgresqlpostgresqlMatch7.4.20
OR
postgresqlpostgresqlMatch7.4.21
OR
postgresqlpostgresqlMatch7.4.22
OR
postgresqlpostgresqlMatch7.4.23
OR
postgresqlpostgresqlMatch7.4.24
OR
postgresqlpostgresqlMatch7.4.25
OR
postgresqlpostgresqlMatch7.4.26
OR
postgresqlpostgresqlMatch7.4.27
OR
postgresqlpostgresqlMatch7.4.28
Node
postgresqlpostgresqlMatch8.0
OR
postgresqlpostgresqlMatch8.0.0
OR
postgresqlpostgresqlMatch8.0.1
OR
postgresqlpostgresqlMatch8.0.2
OR
postgresqlpostgresqlMatch8.0.3
OR
postgresqlpostgresqlMatch8.0.4
OR
postgresqlpostgresqlMatch8.0.5
OR
postgresqlpostgresqlMatch8.0.6
OR
postgresqlpostgresqlMatch8.0.7
OR
postgresqlpostgresqlMatch8.0.8
OR
postgresqlpostgresqlMatch8.0.9
OR
postgresqlpostgresqlMatch8.0.10
OR
postgresqlpostgresqlMatch8.0.11
OR
postgresqlpostgresqlMatch8.0.12
OR
postgresqlpostgresqlMatch8.0.13
OR
postgresqlpostgresqlMatch8.0.14
OR
postgresqlpostgresqlMatch8.0.15
OR
postgresqlpostgresqlMatch8.0.16
OR
postgresqlpostgresqlMatch8.0.17
OR
postgresqlpostgresqlMatch8.0.18
OR
postgresqlpostgresqlMatch8.0.19
OR
postgresqlpostgresqlMatch8.0.20
OR
postgresqlpostgresqlMatch8.0.21
OR
postgresqlpostgresqlMatch8.0.22
OR
postgresqlpostgresqlMatch8.0.23
OR
postgresqlpostgresqlMatch8.0.24
Node
postgresqlpostgresqlMatch8.1
OR
postgresqlpostgresqlMatch8.1.0
OR
postgresqlpostgresqlMatch8.1.1
OR
postgresqlpostgresqlMatch8.1.2
OR
postgresqlpostgresqlMatch8.1.3
OR
postgresqlpostgresqlMatch8.1.4
OR
postgresqlpostgresqlMatch8.1.5
OR
postgresqlpostgresqlMatch8.1.6
OR
postgresqlpostgresqlMatch8.1.7
OR
postgresqlpostgresqlMatch8.1.8
OR
postgresqlpostgresqlMatch8.1.9
OR
postgresqlpostgresqlMatch8.1.10
OR
postgresqlpostgresqlMatch8.1.11
OR
postgresqlpostgresqlMatch8.1.12
OR
postgresqlpostgresqlMatch8.1.13
OR
postgresqlpostgresqlMatch8.1.14
OR
postgresqlpostgresqlMatch8.1.15
OR
postgresqlpostgresqlMatch8.1.16
OR
postgresqlpostgresqlMatch8.1.17
OR
postgresqlpostgresqlMatch8.1.18
OR
postgresqlpostgresqlMatch8.1.19
OR
postgresqlpostgresqlMatch8.1.20
Node
postgresqlpostgresqlMatch8.2
OR
postgresqlpostgresqlMatch8.2.1
OR
postgresqlpostgresqlMatch8.2.2
OR
postgresqlpostgresqlMatch8.2.3
OR
postgresqlpostgresqlMatch8.2.4
OR
postgresqlpostgresqlMatch8.2.5
OR
postgresqlpostgresqlMatch8.2.6
OR
postgresqlpostgresqlMatch8.2.7
OR
postgresqlpostgresqlMatch8.2.8
OR
postgresqlpostgresqlMatch8.2.9
OR
postgresqlpostgresqlMatch8.2.10
OR
postgresqlpostgresqlMatch8.2.11
OR
postgresqlpostgresqlMatch8.2.12
OR
postgresqlpostgresqlMatch8.2.13
OR
postgresqlpostgresqlMatch8.2.14
OR
postgresqlpostgresqlMatch8.2.15
OR
postgresqlpostgresqlMatch8.2.16
Node
postgresqlpostgresqlMatch8.3
OR
postgresqlpostgresqlMatch8.3.1
OR
postgresqlpostgresqlMatch8.3.2
OR
postgresqlpostgresqlMatch8.3.3
OR
postgresqlpostgresqlMatch8.3.4
OR
postgresqlpostgresqlMatch8.3.5
OR
postgresqlpostgresqlMatch8.3.6
OR
postgresqlpostgresqlMatch8.3.7
OR
postgresqlpostgresqlMatch8.3.8
OR
postgresqlpostgresqlMatch8.3.9
OR
postgresqlpostgresqlMatch8.3.10
Node
postgresqlpostgresqlMatch8.4
OR
postgresqlpostgresqlMatch8.4.1
OR
postgresqlpostgresqlMatch8.4.2
OR
postgresqlpostgresqlMatch8.4.3
Node
postgresqlpostgresqlMatch9.0.0beta1
VendorProductVersionCPE
postgresqlpostgresql7.4cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
postgresqlpostgresql7.4.1cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
postgresqlpostgresql7.4.2cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
postgresqlpostgresql7.4.3cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
postgresqlpostgresql7.4.4cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
postgresqlpostgresql7.4.5cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
postgresqlpostgresql7.4.6cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
postgresqlpostgresql7.4.7cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
postgresqlpostgresql7.4.8cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*
postgresqlpostgresql7.4.9cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 1101

References

Related

openvas 31
prion 3
cve 3
veracode 1
nessus 27
debiancve 1
debian 3
cvelist 3
ubuntucve 4
redhat 2
fedora 3
oraclelinux 2
nvd 2
securityvulns 4
threatpost 1
seebug 2
centos 1
osv 1
ubuntu 1
vmware 2
gentoo 1
openvas
openvas
Debian Security Advisory DSA 2267-1 (perl)
2011-08-03 00:00:00
Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
2010-06-14 00:00:00
Debian: Security Advisory (DSA-2267-1)
2011-08-03 00:00:00
prion
prion
Design/Logic Flaw
2010-05-19 18:30:00
Code injection
2010-05-19 18:30:00
Code injection
2010-10-06 17:00:00
cve
cve
CVE-2010-1447
2010-05-19 18:30:03
CVE-2010-1169
2010-05-19 18:30:02
CVE-2010-3433
2010-10-06 17:00:16
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:49:01
nessus
nessus
Debian DSA-2267-1 : perl - restriction bypass
2011-07-05 00:00:00
Mandriva Linux Security Advisory : perl (MDVSA-2010:115)
2010-06-14 00:00:00
openSUSE Security Update : perl (openSUSE-SU-2010:0519-1)
2010-08-19 00:00:00
debiancve
debiancve
CVE-2010-1447
2010-05-19 18:30:03
debian
debian
[SECURITY] [DSA 2267-1] perl security update
2011-07-01 17:52:58
BSA-005 Security Update for postgresql-8.4
2010-10-10 12:48:58
BSA-005 Security Update for postgresql-8.4
2010-10-10 12:48:45
cvelist
cvelist
CVE-2010-1447
2010-05-19 18:13:00
CVE-2010-1169
2010-05-19 18:13:00
CVE-2010-3433
2010-10-06 16:00:00
ubuntucve
ubuntucve
CVE-2010-1169
2010-05-18 00:00:00
CVE-2010-1168
2010-06-21 00:00:00
CVE-2010-1447
2010-05-19 00:00:00
redhat
redhat
(RHSA-2010:0457) Moderate: perl security update
2010-06-07 00:00:00
(RHSA-2010:0458) Moderate: perl security update
2010-06-07 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: perl-5.10.0-91.fc12
2010-08-13 21:12:30
[SECURITY] Fedora 13 Update: perl-5.10.1-116.fc13
2010-08-03 01:10:38
[SECURITY] Fedora 13 Update: perl-5.10.1-123.fc13
2011-04-23 20:49:40
oraclelinux
oraclelinux
perl security update
2010-06-07 00:00:00
perl security update
2010-06-07 00:00:00
nvd
nvd
CVE-2010-1169
2010-05-19 18:30:02
CVE-2010-3433
2010-10-06 17:00:16
securityvulns
securityvulns
Perl protection bypass
2010-06-14 00:00:00
[ MDVSA-2010:115 ] perl
2010-06-14 00:00:00
[USN-1129-1] Perl vulnerabilities
2011-05-05 00:00:00
threatpost
threatpost
PostgreSQL Vulnerabilities Fixed
2010-05-17 14:36:50
seebug
seebug
PostgreSQL PL/perl和PL/tcl存储过程绕过安全限制漏洞
2010-05-20 00:00:00
VMware ESX Service Console多个安全漏洞
2012-01-13 00:00:00
centos
centos
perl security update
2010-06-12 12:59:15
osv
osv
postgresql-8.3 - several
2010-05-24 00:00:00
ubuntu
ubuntu
Perl vulnerabilities
2011-05-03 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.005

Percentile

76.9%

JSON
Related for NVD:CVE-2010-1447
openvas31prion3cve3veracode1nessus27debiancve1debian3cvelist3ubuntucve4redhat2fedora3oraclelinux2nvd2securityvulns4threatpost1seebug2centos1osv1ubuntu1vmware2gentoo1