SUSE CVE-2010-1170

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...

SuSE 11 / 11.1 Security Update : postgresql (SAT Patch Numbers 2457 / 2458)

This update of postgresql fixes several minor security vulnerabilities : - Postgresql does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings. CVE-2010-1975 - The PL/Tcl implementation in postgresql loa...

Ubuntu Update for PostgreSQL vulnerabilities USN-942-1

Ubuntu Update for Linux kernel vulnerabilities USN-942-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9421.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-942-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Debian DSA-2051-1 : postgresql-8.3 - several vulnerabilities

Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1169 Tim Bunce discovered that the implementation of the procedural language PL/Perl insufficiently...

Code injection

Unspecified vulnerability in Novell Forum formerly SiteScape Forum 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515...

Code injection

support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...

CVE-2003-0405

Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via 1 an HTTP query or cookie which is processed in the NEEDS command, or 2 an HTTP Referrer that is processed in the VALIDPATHS command...