Detections
Analytics
CVE-2010-1447
critical
Description
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530
https://bugzilla.redhat.com/show_bug.cgi?id=588269
https://bugs.launchpad.net/bugs/cve/2010-1447
http://www.vupen.com/english/advisories/2010/1167
http://www.securitytracker.com/id?1023988
http://www.securityfocus.com/bid/40305
http://www.redhat.com/support/errata/RHSA-2010-0458.html
http://www.redhat.com/support/errata/RHSA-2010-0457.html
http://www.postgresql.org/about/news.1203
http://www.openwall.com/lists/oss-security/2010/05/20/5
http://www.mandriva.com/security/advisories?name=MDVSA-2010:116
http://www.mandriva.com/security/advisories?name=MDVSA-2010:115
http://www.debian.org/security/2011/dsa-2267
http://security-tracker.debian.org/tracker/CVE-2010-1447
http://secunia.com/advisories/40052
http://secunia.com/advisories/40049
http://secunia.com/advisories/39845
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705