Untrusted search path vulnerability in PostgreSQL prior to 7.3.19, 7.4.x prior to 7.4.17, 8.0.x prior to 8.0.13, 8.1.x prior to 8.1.9, and 8.2.x prior to 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postgresql postgresql |
||
debian debian linux 3.1 |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 6.10 |