CVE-2009-4136

Priority
Description
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19,
8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not
properly manage session-local state during execution of an index function
by a database superuser, which allows remote authenticated users to gain
privileges via a table with crafted index functions, as demonstrated by
functions that modify (1) search_path or (2) a prepared statement, a
related issue to CVE-2007-6600 and CVE-2009-3230.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:51:30 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)