CVE-2010-3433

MEDIUM

Description

The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049591.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049592.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html

http://marc.info/?l=bugtraq&m=134124585221119&w=2

http://secunia.com/advisories/42325

http://www.debian.org/security/2010/dsa-2120

http://www.mandriva.com/security/advisories?name=MDVSA-2010:197

http://www.postgresql.org/about/news.1244

http://www.postgresql.org/docs/9.0/static/release-9-0-1.html

http://www.redhat.com/support/errata/RHSA-2010-0742.html

http://www.redhat.com/support/errata/RHSA-2010-0908.html

http://www.securityfocus.com/bid/43747

http://www.ubuntu.com/usn/USN-1002-1

http://www.ubuntu.com/usn/USN-1002-2

http://www.vupen.com/english/advisories/2010/3051

https://bugzilla.redhat.com/show_bug.cgi?id=639371

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7291

Details

Source: MITRE

Published: 2010-10-06

Updated: 2017-09-19

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.8

Severity: MEDIUM