Vulnerability & Exploit Database

Back to search

Gentoo Linux: CVE-2012-0866: PostgreSQL: Multiple vulnerabilities

Severity CVSS Published Added Modified
7 (AV:N/AC:L/Au:S/C:P/I:P/A:P) July 18, 2012 October 30, 2017 October 30, 2017

Description

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

gentoo-linux-upgrade-dev-db-postgresql-server

Related Vulnerabilities