CVE-2012-0866

PostgreSQL <8.3.18, <8.4.11, <9.0.7, <9.1.3 - Privilege Escalation

Title source: llm
STIX 2.1

Description

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

References (15)

Core 15
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-0678.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-0677.html
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/about/news/1377/
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:027
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:092
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49273
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2418
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49272
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html

Scores

EPSS 0.0107
EPSS Percentile 78.0%

Details

CWE
CWE-264
Status published
Products (39)
postgresql/postgresql 8.3
postgresql/postgresql 8.3.1
postgresql/postgresql 8.3.2
postgresql/postgresql 8.3.3
postgresql/postgresql 8.3.4
postgresql/postgresql 8.3.5
postgresql/postgresql 8.3.6
postgresql/postgresql 8.3.7
postgresql/postgresql 8.3.8
postgresql/postgresql 8.3.9
... and 29 more
Published Jul 18, 2012
Tracked Since Feb 18, 2026