Release Date: | 2010-05-19 |
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447. The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution. The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
See more information about CVE-2010-1447 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.
Base Score: | 8.5 | Base Metrics: | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Access Vector: | Network | Attack Complexity: | Medium |
Authentication: | Requires single instance | Confidentiality Impact: | Complete |
Integrity Impact: | Complete | Availability Impact: | Complete |
Platform | Errata | Release Date |
Oracle Enterprise Linux version 3 (perl) | ELSA-2010-0457 | 2010-06-07 |
Oracle Enterprise Linux version 4 (perl) | ELSA-2010-0457 | 2010-06-07 |
Oracle Linux version 5 (perl) | ELSA-2010-0458 | 2010-06-07 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team