PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-01-09T21:00:00
Updated: 2024-08-07T16:11:06.041Z
Reserved: 2007-12-31T00:00:00
Link: CVE-2007-6600
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-01-09T21:46:00.000
Modified: 2024-11-21T00:40:32.600
Link: CVE-2007-6600
Redhat