Description

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678.

Remediation

References

CVE-2006-0553

Related Vulnerabilities

SharePoint CVE-2020-1218 Vulnerability (CVE-2020-1218)

WebLogic CVE-2024-21234 Vulnerability (CVE-2024-21234)

WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Multiple Cross-Site Scripting Vulnerabilities (3.2.2)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)

WordPress Plugin Processing Embed 'pluginurl' Parameter Cross-Site Scripting (0.5)

Severity

Medium

Classification

CVE-2006-0553 CWE-264

Tags

Missing Update Known Vulnerabilities