Description

The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.

Remediation

References

CVE-2010-1447

Related Vulnerabilities

MySQL CVE-2016-9840 Vulnerability (CVE-2016-9840)

WordPress Plugin WooSidebars Cross-Site Scripting (1.4.1)

AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42046)

WordPress Plugin Frontend File Manager Multiple Vulnerabilities (21.2)

Severity

High

Classification

CVE-2010-1447 CWE-264

Tags

Missing Update Known Vulnerabilities