What is the severity of CVE-2010-1169?

CVE-2010-1169 is classified as a medium severity vulnerability.

How do I fix CVE-2010-1169?

The fix for CVE-2010-1169 involves upgrading PostgreSQL to the latest version that is not affected, such as 7.4.29 or later versions.

What are the affected versions of PostgreSQL for CVE-2010-1169?

Affected versions of PostgreSQL for CVE-2010-1169 include 7.4 before 7.4.29, 8.0 before 8.0.25, and several others up to 9.0 Beta before 9.0 Beta 2.

Who is impacted by CVE-2010-1169?

Remote authenticated users with database creation privileges are impacted by CVE-2010-1169.

What type of vulnerability is CVE-2010-1169?

CVE-2010-1169 is a code execution vulnerability that arises from improper restrictions on PL/perl procedures.

Vulnerability/
CVE-2010-1169

high

8.5

CWE

15/4/2010

17/5/2010

19/5/2010

7/8/2024

CVE-2010-1169: Code Injection

First published: Thu Apr 15 2010(Updated: )

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/postgresql	<0:7.4.29-1.el4_8.1	0:7.4.29-1.el4_8.1
redhat/postgresql	<0:8.1.21-1.el5_5.1	0:8.1.21-1.el5_5.1
redhat/postgresql84	<0:8.4.4-1.el5_5.1	0:8.4.4-1.el5_5.1
PostgreSQL Common	=7.4.16
PostgreSQL Common	=7.4.24
PostgreSQL Common	=7.4.22
PostgreSQL Common	=7.4.21
PostgreSQL Common	=7.4.19
PostgreSQL Common	=7.4.15
PostgreSQL Common	=7.4.1
PostgreSQL Common	=7.4.14
PostgreSQL Common	=7.4.26
PostgreSQL Common	=7.4.6
PostgreSQL Common	=7.4.23
PostgreSQL Common	=7.4.11
PostgreSQL Common	=7.4.7
PostgreSQL Common	=7.4.17
PostgreSQL Common	=7.4.3
PostgreSQL Common	=7.4.25
PostgreSQL Common	=7.4.9
PostgreSQL Common	=7.4.5
PostgreSQL Common	=7.4.18
PostgreSQL Common	=7.4.8
PostgreSQL Common	=7.4
PostgreSQL Common	=7.4.4
PostgreSQL Common	=7.4.28
PostgreSQL Common	=7.4.12
PostgreSQL Common	=7.4.27
PostgreSQL Common	=7.4.10
PostgreSQL Common	=7.4.20
PostgreSQL Common	=7.4.2
PostgreSQL Common	=7.4.13
PostgreSQL Common	=8.0.7
PostgreSQL Common	=8.0.2
PostgreSQL Common	=8.0.22
PostgreSQL Common	=8.0.17
PostgreSQL Common	=8.0.10
PostgreSQL Common	=8.0.12
PostgreSQL Common	=8.0.9
PostgreSQL Common	=8.0.15
PostgreSQL Common	=8.0.0
PostgreSQL Common	=8.0.18
PostgreSQL Common	=8.0.3
PostgreSQL Common	=8.0.24
PostgreSQL Common	=8.0.20
PostgreSQL Common	=8.0.8
PostgreSQL Common	=8.0.6
PostgreSQL Common	=8.0.16
PostgreSQL Common	=8.0.13
PostgreSQL Common	=8.0.1
PostgreSQL Common	=8.0.19
PostgreSQL Common	=8.0.21
PostgreSQL Common	=8.0.23
PostgreSQL Common	=8.0.4
PostgreSQL Common	=8.0.5
PostgreSQL Common	=8.0.14
PostgreSQL Common	=8.0.11
PostgreSQL Common	=8.0
PostgreSQL Common	=8.1.10
PostgreSQL Common	=8.1.6
PostgreSQL Common	=8.1.15
PostgreSQL Common	=8.1.7
PostgreSQL Common	=8.1.20
PostgreSQL Common	=8.1
PostgreSQL Common	=8.1.19
PostgreSQL Common	=8.1.13
PostgreSQL Common	=8.1.0
PostgreSQL Common	=8.1.3
PostgreSQL Common	=8.1.9
PostgreSQL Common	=8.1.14
PostgreSQL Common	=8.1.11
PostgreSQL Common	=8.1.17
PostgreSQL Common	=8.1.18
PostgreSQL Common	=8.1.4
PostgreSQL Common	=8.1.8
PostgreSQL Common	=8.1.1
PostgreSQL Common	=8.1.12
PostgreSQL Common	=8.1.5
PostgreSQL Common	=8.1.16
PostgreSQL Common	=8.1.2
PostgreSQL Common	=8.2.9
PostgreSQL Common	=8.2.10
PostgreSQL Common	=8.2.15
PostgreSQL Common	=8.2.4
PostgreSQL Common	=8.2.11
PostgreSQL Common	=8.2.12
PostgreSQL Common	=8.2.2
PostgreSQL Common	=8.2.5
PostgreSQL Common	=8.2.1
PostgreSQL Common	=8.2.7
PostgreSQL Common	=8.2.6
PostgreSQL Common	=8.2.3
PostgreSQL Common	=8.2.16
PostgreSQL Common	=8.2.8
PostgreSQL Common	=8.2.13
PostgreSQL Common	=8.2
PostgreSQL Common	=8.2.14
PostgreSQL Common	=8.3.6
PostgreSQL Common	=8.3.3
PostgreSQL Common	=8.3.2
PostgreSQL Common	=8.3.1
PostgreSQL Common	=8.3.5
PostgreSQL Common	=8.3.8
PostgreSQL Common	=8.3.7
PostgreSQL Common	=8.3.10
PostgreSQL Common	=8.3
PostgreSQL Common	=8.3.4
PostgreSQL Common	=8.3.9
PostgreSQL Common	=8.4.1
PostgreSQL Common	=8.4.3
PostgreSQL Common	=8.4
PostgreSQL Common	=8.4.2
PostgreSQL Common	=9.0.0-beta1

Remedy

http://www.postgresql.org/about/news.1203

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2010-1169?
CVE-2010-1169 is classified as a medium severity vulnerability.
How do I fix CVE-2010-1169?
The fix for CVE-2010-1169 involves upgrading PostgreSQL to the latest version that is not affected, such as 7.4.29 or later versions.
What are the affected versions of PostgreSQL for CVE-2010-1169?
Affected versions of PostgreSQL for CVE-2010-1169 include 7.4 before 7.4.29, 8.0 before 8.0.25, and several others up to 9.0 Beta before 9.0 Beta 2.
Who is impacted by CVE-2010-1169?
Remote authenticated users with database creation privileges are impacted by CVE-2010-1169.
What type of vulnerability is CVE-2010-1169?
CVE-2010-1169 is a code execution vulnerability that arises from improper restrictions on PL/perl procedures.

agent/type
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-1169
agent/first-publish-date
agent/severity
agent/remedy
agent/weakness
agent/author
agent/references
agent/description
collector/redhat-cve
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/redhat
vendor/postgresql
canonical/postgresql common
version/postgresql common/7.4.16
version/postgresql common/7.4.24
version/postgresql common/7.4.22
version/postgresql common/7.4.21
version/postgresql common/7.4.19
version/postgresql common/7.4.15
version/postgresql common/7.4.1
version/postgresql common/7.4.14
version/postgresql common/7.4.26
version/postgresql common/7.4.6
version/postgresql common/7.4.23
version/postgresql common/7.4.11
version/postgresql common/7.4.7
version/postgresql common/7.4.17
version/postgresql common/7.4.3
version/postgresql common/7.4.25
version/postgresql common/7.4.9
version/postgresql common/7.4.5
version/postgresql common/7.4.18
version/postgresql common/7.4.8
version/postgresql common/7.4
version/postgresql common/7.4.4
version/postgresql common/7.4.28
version/postgresql common/7.4.12
version/postgresql common/7.4.27
version/postgresql common/7.4.10
version/postgresql common/7.4.20
version/postgresql common/7.4.2
version/postgresql common/7.4.13
version/postgresql common/8.0.7
version/postgresql common/8.0.2
version/postgresql common/8.0.22
version/postgresql common/8.0.17
version/postgresql common/8.0.10
version/postgresql common/8.0.12
version/postgresql common/8.0.9
version/postgresql common/8.0.15
version/postgresql common/8.0.0
version/postgresql common/8.0.18
version/postgresql common/8.0.3
version/postgresql common/8.0.24
version/postgresql common/8.0.20
version/postgresql common/8.0.8
version/postgresql common/8.0.6
version/postgresql common/8.0.16
version/postgresql common/8.0.13
version/postgresql common/8.0.1
version/postgresql common/8.0.19
version/postgresql common/8.0.21
version/postgresql common/8.0.23
version/postgresql common/8.0.4
version/postgresql common/8.0.5
version/postgresql common/8.0.14
version/postgresql common/8.0.11
version/postgresql common/8.0
version/postgresql common/8.1.10
version/postgresql common/8.1.6
version/postgresql common/8.1.15
version/postgresql common/8.1.7
version/postgresql common/8.1.20
version/postgresql common/8.1
version/postgresql common/8.1.19
version/postgresql common/8.1.13
version/postgresql common/8.1.0
version/postgresql common/8.1.3
version/postgresql common/8.1.9
version/postgresql common/8.1.14
version/postgresql common/8.1.11
version/postgresql common/8.1.17
version/postgresql common/8.1.18
version/postgresql common/8.1.4
version/postgresql common/8.1.8
version/postgresql common/8.1.1
version/postgresql common/8.1.12
version/postgresql common/8.1.5
version/postgresql common/8.1.16
version/postgresql common/8.1.2
version/postgresql common/8.2.9
version/postgresql common/8.2.10
version/postgresql common/8.2.15
version/postgresql common/8.2.4
version/postgresql common/8.2.11
version/postgresql common/8.2.12
version/postgresql common/8.2.2
version/postgresql common/8.2.5
version/postgresql common/8.2.1
version/postgresql common/8.2.7
version/postgresql common/8.2.6
version/postgresql common/8.2.3
version/postgresql common/8.2.16
version/postgresql common/8.2.8
version/postgresql common/8.2.13
version/postgresql common/8.2
version/postgresql common/8.2.14
version/postgresql common/8.3.6
version/postgresql common/8.3.3
version/postgresql common/8.3.2
version/postgresql common/8.3.1
version/postgresql common/8.3.5
version/postgresql common/8.3.8
version/postgresql common/8.3.7
version/postgresql common/8.3.10
version/postgresql common/8.3
version/postgresql common/8.3.4
version/postgresql common/8.3.9
version/postgresql common/8.4.1
version/postgresql common/8.4.3
version/postgresql common/8.4
version/postgresql common/8.4.2
version/postgresql common/9.0.0-beta1