PostgreSQL 7.4.x prior to 7.4.27, 8.0.x prior to 8.0.23, 8.1.x prior to 8.1.19, 8.2.x prior to 8.2.15, 8.3.x prior to 8.3.9, and 8.4.x prior to 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
postgresql postgresql 7.4.24 |
||
postgresql postgresql 7.4.9 |
||
postgresql postgresql 7.4.14 |
||
postgresql postgresql 7.4.15 |
||
postgresql postgresql 7.4.20 |
||
postgresql postgresql 7.4.21 |
||
postgresql postgresql 8.0.1 |
||
postgresql postgresql 8.0.2 |
||
postgresql postgresql 8.0.13 |
||
postgresql postgresql 8.0.9 |
||
postgresql postgresql 8.0.16 |
||
postgresql postgresql 8.0.22 |
||
postgresql postgresql 8.1.8 |
||
postgresql postgresql 8.1.2 |
||
postgresql postgresql 8.1.3 |
||
postgresql postgresql 8.1.15 |
||
postgresql postgresql 8.1.17 |
||
postgresql postgresql 8.2.4 |
||
postgresql postgresql 8.2 |
||
postgresql postgresql 8.2.10 |
||
postgresql postgresql 8.3.8 |
||
postgresql postgresql 8.3.3 |
||
postgresql postgresql 8.4.1 |
||
postgresql postgresql 7.4.5 |
||
postgresql postgresql 7.4.4 |
||
postgresql postgresql 7.4.10 |
||
postgresql postgresql 7.4.11 |
||
postgresql postgresql 7.4.22 |
||
postgresql postgresql 7.4.23 |
||
postgresql postgresql 8.0.20 |
||
postgresql postgresql 8.0.0 |
||
postgresql postgresql 8.0.7 |
||
postgresql postgresql 8.0.8 |
||
postgresql postgresql 8.0.19 |
||
postgresql postgresql 8.0.12 |
||
postgresql postgresql 8.1.10 |
||
postgresql postgresql 8.1.0 |
||
postgresql postgresql 8.1.11 |
||
postgresql postgresql 8.1.13 |
||
postgresql postgresql 8.2.2 |
||
postgresql postgresql 8.2.14 |
||
postgresql postgresql 8.2.6 |
||
postgresql postgresql 8.2.11 |
||
postgresql postgresql 8.3.5 |
||
postgresql postgresql 8.3.2 |
||
postgresql postgresql 7.4.3 |
||
postgresql postgresql 7.4.2 |
||
postgresql postgresql 7.4.8 |
||
postgresql postgresql 7.4.18 |
||
postgresql postgresql 7.4.1 |
||
postgresql postgresql 7.4.16 |
||
postgresql postgresql 7.4.17 |
||
postgresql postgresql 7.4.26 |
||
postgresql postgresql 8.0.11 |
||
postgresql postgresql 8.0.4 |
||
postgresql postgresql 8.0.3 |
||
postgresql postgresql 8.0.17 |
||
postgresql postgresql 8.0.18 |
||
postgresql postgresql 8.1.7 |
||
postgresql postgresql 8.1.16 |
||
postgresql postgresql 8.1.6 |
||
postgresql postgresql 8.1.9 |
||
postgresql postgresql 8.1.18 |
||
postgresql postgresql 8.2.3 |
||
postgresql postgresql 8.2.1 |
||
postgresql postgresql 8.2.7 |
||
postgresql postgresql 8.3.6 |
||
postgresql postgresql 8.3.7 |
||
postgresql postgresql 7.4.7 |
||
postgresql postgresql 7.4.6 |
||
postgresql postgresql 7.4.12 |
||
postgresql postgresql 7.4.13 |
||
postgresql postgresql 7.4.25 |
||
postgresql postgresql 7.4.19 |
||
postgresql postgresql 8.0.10 |
||
postgresql postgresql 8.0.14 |
||
postgresql postgresql 8.0.5 |
||
postgresql postgresql 8.0.6 |
||
postgresql postgresql 8.0.15 |
||
postgresql postgresql 8.0.21 |
||
postgresql postgresql 8.1.1 |
||
postgresql postgresql 8.1.4 |
||
postgresql postgresql 8.1.5 |
||
postgresql postgresql 8.1.12 |
||
postgresql postgresql 8.1.14 |
||
postgresql postgresql 8.2.12 |
||
postgresql postgresql 8.2.5 |
||
postgresql postgresql 8.2.9 |
||
postgresql postgresql 8.2.8 |
||
postgresql postgresql 8.2.13 |
||
postgresql postgresql 8.3.1 |
||
postgresql postgresql 8.3.4 |
Vulmon