We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2010-1447



Assignerredhat
Reserved2010-04-15
Published2010-05-19
Updated2024-08-07

Description

The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.

References

http://www.mandriva.com/security/advisories?name=MDVSA-2010:115 (MDVSA-2010:115) vendor-advisory

http://www.debian.org/security/2011/dsa-2267 (DSA-2267) vendor-advisory

http://security-tracker.debian.org/tracker/CVE-2010-1447

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320 (oval:org.mitre.oval:def:7320) vdb-entry signature

http://www.postgresql.org/about/news.1203

http://www.vupen.com/english/advisories/2010/1167 (ADV-2010-1167) vdb-entry

http://secunia.com/advisories/39845 (39845) third-party-advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530 (oval:org.mitre.oval:def:11530) vdb-entry signature

https://bugs.launchpad.net/bugs/cve/2010-1447

http://osvdb.org/64756 (64756) vdb-entry

http://www.redhat.com/support/errata/RHSA-2010-0457.html (RHSA-2010:0457) vendor-advisory

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://secunia.com/advisories/40049 (40049) third-party-advisory

http://secunia.com/advisories/40052 (40052) third-party-advisory

http://www.redhat.com/support/errata/RHSA-2010-0458.html (RHSA-2010:0458) vendor-advisory

http://www.securitytracker.com/id?1023988 (1023988) vdb-entry

http://www.openwall.com/lists/oss-security/2010/05/20/5 ([oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request) mailing-list

http://www.securityfocus.com/bid/40305 (40305) vdb-entry

https://bugzilla.redhat.com/show_bug.cgi?id=588269

http://www.mandriva.com/security/advisories?name=MDVSA-2010:116 (MDVSA-2010:116) vendor-advisory

cve.org CVE-2010-1447

nvd.nist.gov CVE-2010-1447

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2010-1447
Support options

Helpdesk Telegram

Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.