Vulnerability & Exploit Database

Back to search

SUSE Linux Security Vulnerability: CVE-2012-0866

Severity CVSS Published Added Modified
7 (AV:N/AC:L/Au:S/C:P/I:P/A:P) July 18, 2012 December 12, 2013 July 04, 2017

Description

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

suse-upgrade-libecpg6

Related Vulnerabilities