Description

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678.

Remediation

References

CVE-2006-0553

Related Vulnerabilities

WordPress Plugin Allopass for WP Cross-Site Scripting (1.0.7)

WebLogic CVE-2018-2893 Vulnerability (CVE-2018-2893)

PHP Other Vulnerability (CVE-2007-1453)

Perl Improper Certificate Validation Vulnerability (CVE-2023-31486)

WordPress Plugin Google Analytics MU Cross-Site Request Forgery (2.3.1)

Severity

Medium

Classification

CVE-2006-0553 CWE-264

Tags

Missing Update Known Vulnerabilities