CVE-2010-1169
Description
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.
Risk Information
Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.95
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2010-1169,CVE-2010-1170,CVE-2010-1447,CVE-2010-1975 are affected in Postgresql 9.0.0 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.4.4 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.3.11 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.2.17 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.1.21 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.0.25 | Windows |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 7.4.29 | Windows |
| Vulnerability CVE-2010-1169,CVE-2010-1170,CVE-2010-1447,CVE-2010-1975 are affected in Postgresql 9.0.0 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.4.4 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.3.11 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.2.17 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.1.21 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 8.0.25 (For Linux) | Linux |
| Vulnerabilities CVE-2010-1975,CVE-2010-1170,CVE-2010-1169 are fixed in PostgreSQL 7.4.29 (For Linux) | Linux |
| Postgresql-server update (ELSA-2024-10882) postgresql-server-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-pltcl update (ELSA-2024-10882) postgresql-pltcl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plpython update (ELSA-2024-10882) postgresql-plpython-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plperl update (ELSA-2024-10882) postgresql-plperl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-docs update (ELSA-2024-10882) postgresql-docs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-contrib update (ELSA-2024-10882) postgresql-contrib-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-test update (ELSA-2024-10882) postgresql-test-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Improper Control of Generation of Code (Code Injection) Vulnerability (CVE-2010-1169) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234