Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PostgreSQL Permissions Privileges and Access Controls Vulnerability - CVE-2010-1975 - Vulnerability Database
PostgreSQL

PostgreSQL Permissions Privileges and Access Controls Vulnerability - CVE-2010-1975

Medium
Reference: CVE-2010-1975
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-1975
Title: PostgreSQL Permissions Privileges and Access Controls Vulnerability
Overview:

PostgreSQL 7.4 before 7.4.29 8.0 before 8.0.25 8.1 before 8.1.21 8.2 before 8.2.17 8.3 before 8.3.11 and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations which allows remote authenticated users to remove arbitrary parameter settings via a (1) ALTER USER or (2) ALTER DATABASE statement.