Description

The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.

Remediation

References

CVE-2010-1447

Related Vulnerabilities

Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3)

WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)

WordPress Plugin Maintenance Cross-Site Request Forgery (3.6.4)

Oracle Database Server Other Vulnerability (CVE-2002-1767)

Jenkins Improper Input Validation Vulnerability (CVE-2018-1000068)

Severity

High

Classification

CVE-2010-1447 CWE-264

Tags

Missing Update Known Vulnerabilities