CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS
Percentile
78.2%
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2
before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0
Beta 2 does not properly restrict PL/perl procedures, which allows remote
authenticated users, with database-creation privileges, to execute
arbitrary Perl code via a crafted script, related to the Safe module (aka
Safe.pm) for Perl. NOTE: some sources report that this issue is the same as
CVE-2010-1447.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | postgresql-8.1 | < 8.1.21-0ubuntu0.6.06 | UNKNOWN |
ubuntu | 8.04 | noarch | postgresql-8.3 | < 8.3.11-0ubuntu8.04 | UNKNOWN |
ubuntu | 9.04 | noarch | postgresql-8.3 | < 8.3.11-0ubuntu9.04 | UNKNOWN |
ubuntu | 9.10 | noarch | postgresql-8.4 | < 8.4.4-0ubuntu9.10 | UNKNOWN |
ubuntu | 10.04 | noarch | postgresql-8.4 | < 8.4.4-0ubuntu10.04 | UNKNOWN |
ubuntu | 10.10 | noarch | postgresql-8.4 | < 8.4.4-1 | UNKNOWN |
ubuntu | 11.04 | noarch | postgresql-8.4 | < 8.4.4-1 | UNKNOWN |