CVE-2012-0866

critical

Description

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

References

http://www.postgresql.org/docs/9.1/static/release-9-1-3.html

http://www.postgresql.org/docs/9.0/static/release-9-0-7.html

http://www.postgresql.org/docs/8.4/static/release-8-4-11.html

http://www.postgresql.org/docs/8.3/static/release-8-3-18.html

http://www.postgresql.org/about/news/1377/

http://www.mandriva.com/security/advisories?name=MDVSA-2012:092

http://www.mandriva.com/security/advisories?name=MDVSA-2012:027

http://www.mandriva.com/security/advisories?name=MDVSA-2012:026

http://www.debian.org/security/2012/dsa-2418

http://secunia.com/advisories/49273

http://secunia.com/advisories/49272

http://rhn.redhat.com/errata/RHSA-2012-0678.html

http://rhn.redhat.com/errata/RHSA-2012-0677.html

http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Details

Source: Mitre, NVD

Published: 2012-07-18

Updated: 2016-12-08

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical