Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
postgresqlPostgreSQL Global Development GroupPOSTGRESQL:CVE-2009-4136
HistoryDec 15, 2009 - 6:30 p.m.

Vulnerability in core server (CVE-2009-4136)

2009-12-1518:30:00
PostgreSQL Global Development Group
www.postgresql.org
204

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.4%

JSON

Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).

Related

seebug 3
veracode 1
osv 1
nessus 27
fedora 2
openvas 25
debian 1
ubuntu 1
securityvulns 2
ubuntucve 1
prion 1
cve 1
freebsd 1
oraclelinux 3
redhat 3
centos 3
gentoo 1
seebug
seebug
PostgreSQL索引功能权限提升漏洞
2009-12-29 00:00:00
Ruby on Rails 'protect_from_forgery'跨站脚本请求伪造漏洞
2009-12-17 00:00:00
PostgreSQL索引函数会话状态修改本地特权提升漏洞
2009-12-17 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:48:51
osv
osv
postgresql-7.4 postgresql-8.1 postgresql-8.3 - several vulnerabilities
2009-12-31 00:00:00
nessus
nessus
Fedora 11 : postgresql-8.3.9-1.fc11 (2009-13363)
2009-12-18 00:00:00
SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 6767)
2010-01-19 00:00:00
SuSE 11 Security Update : PostgreSQL (SAT Patch Number 1766)
2010-01-19 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: postgresql-8.4.2-1.fc12
2009-12-18 04:39:48
[SECURITY] Fedora 11 Update: postgresql-8.3.9-1.fc11
2009-12-18 04:36:29
openvas
openvas
Ubuntu Update for PostgreSQL vulnerabilities USN-876-1
2010-01-15 00:00:00
Fedora Core 11 FEDORA-2009-13363 (postgresql)
2009-12-30 00:00:00
PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-16 00:00:00
debian
debian
[SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities
2009-12-31 16:38:37
ubuntu
ubuntu
PostgreSQL vulnerabilities
2010-01-03 00:00:00
securityvulns
securityvulns
PostgreSQL multiple security vulnerabilities
2009-12-15 00:00:00
[ MDVSA-2009:333 ] postgresql
2009-12-15 00:00:00
ubuntucve
ubuntucve
CVE-2009-4136
2009-12-15 00:00:00
prion
prion
Sql injection
2009-12-15 18:30:00
cve
cve
CVE-2009-4136
2009-12-15 18:30:00
freebsd
freebsd
postgresql -- multiple vulnerabilities
2009-11-20 00:00:00
oraclelinux
oraclelinux
postgresql security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
redhat
redhat
(RHSA-2010:0427) Moderate: postgresql security update
2010-05-19 00:00:00
(RHSA-2010:0429) Moderate: postgresql security update
2010-05-19 00:00:00
(RHSA-2010:0428) Moderate: postgresql security update
2010-05-19 00:00:00
centos
centos
rh security update
2010-05-21 22:01:26
postgresql security update
2010-05-28 10:45:13
postgresql security update
2010-05-21 22:22:02
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.4%

JSON
Related for POSTGRESQL:CVE-2009-4136
seebug3veracode1osv1nessus27fedora2openvas25debian1ubuntu1securityvulns2ubuntucve1prion1cve1freebsd1oraclelinux3redhat3centos3gentoo1