English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-3433
Description:The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
Test IDs: 1.3.6.1.4.1.25623.1.0.68282   1.3.6.1.4.1.25623.1.0.68188   1.3.6.1.4.1.25623.1.0.68187   1.3.6.1.4.1.25623.1.0.100843   1.3.6.1.4.1.25623.1.0.862597   1.3.6.1.4.1.25623.1.0.69194   1.3.6.1.4.1.25623.1.0.68444   1.3.6.1.4.1.25623.1.0.880593   1.3.6.1.4.1.25623.1.0.68460   1.3.6.1.4.1.25623.1.0.68439   1.3.6.1.4.1.25623.1.0.880657   1.3.6.1.4.1.25623.1.0.68159   1.3.6.1.4.1.25623.1.0.122272   1.3.6.1.4.1.25623.1.0.840512   1.3.6.1.4.1.25623.1.0.68120   1.3.6.1.4.1.25623.1.0.122312   1.3.6.1.4.1.25623.1.0.68348   1.3.6.1.4.1.25623.1.0.68443   1.3.6.1.4.1.25623.1.0.840537   1.3.6.1.4.1.25623.1.0.68356  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-3433
42325
http://secunia.com/advisories/42325
43747
http://www.securityfocus.com/bid/43747
ADV-2010-3051
http://www.vupen.com/english/advisories/2010/3051
DSA-2120
http://www.debian.org/security/2010/dsa-2120
FEDORA-2010-15954
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049591.html
FEDORA-2010-15960
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049592.html
HPSBMU02781
http://marc.info/?l=bugtraq&m=134124585221119&w=2
MDVSA-2010:197
http://www.mandriva.com/security/advisories?name=MDVSA-2010:197
RHSA-2010:0742
http://www.redhat.com/support/errata/RHSA-2010-0742.html
RHSA-2010:0908
http://www.redhat.com/support/errata/RHSA-2010-0908.html
SSRT100617
http://marc.info/?l=bugtraq&m=134124585221119&w=2
SUSE-SR:2010:019
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
SUSE-SR:2010:020
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
USN-1002-1
http://www.ubuntu.com/usn/USN-1002-1
USN-1002-2
http://www.ubuntu.com/usn/USN-1002-2
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://www.postgresql.org/about/news.1244
http://www.postgresql.org/about/news.1244
http://www.postgresql.org/docs/9.0/static/release-9-0-1.html
http://www.postgresql.org/docs/9.0/static/release-9-0-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=639371
https://bugzilla.redhat.com/show_bug.cgi?id=639371
oval:org.mitre.oval:def:7291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7291



© 1998-2025 E-Soft Inc. All rights reserved.