CVE - CVE-2010-1447

CVE-ID
CVE-2010-1447	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1023988 URL:http://www.securitytracker.com/id?1023988 MISC:39845 URL:http://secunia.com/advisories/39845 MISC:40049 URL:http://secunia.com/advisories/40049 MISC:40052 URL:http://secunia.com/advisories/40052 MISC:40305 URL:http://www.securityfocus.com/bid/40305 MISC:64756 URL:~~http://osvdb.org/64756~~ (Obsolete source) MISC:ADV-2010-1167 URL:~~http://www.vupen.com/english/advisories/2010/1167~~ (Obsolete source) MISC:DSA-2267 URL:http://www.debian.org/security/2011/dsa-2267 MISC:MDVSA-2010:115 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:115~~ (Obsolete source) MISC:MDVSA-2010:116 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:116~~ (Obsolete source) MISC:RHSA-2010:0457 URL:http://www.redhat.com/support/errata/RHSA-2010-0457.html MISC:RHSA-2010:0458 URL:http://www.redhat.com/support/errata/RHSA-2010-0458.html MISC:[oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request URL:http://www.openwall.com/lists/oss-security/2010/05/20/5 MISC:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 URL:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 MISC:http://security-tracker.debian.org/tracker/CVE-2010-1447 URL:http://security-tracker.debian.org/tracker/CVE-2010-1447 MISC:http://www.postgresql.org/about/news.1203 URL:http://www.postgresql.org/about/news.1203 MISC:https://bugs.launchpad.net/bugs/cve/2010-1447 URL:https://bugs.launchpad.net/bugs/cve/2010-1447 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=588269 URL:https://bugzilla.redhat.com/show_bug.cgi?id=588269 MISC:oval:org.mitre.oval:def:11530 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530 MISC:oval:org.mitre.oval:def:7320 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
Assigning CNA
Red Hat, Inc.
Date Record Created
20100415	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100415)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)