cve/CVE-2012-0866.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.3 KiB

Raw Permalink Blame History

CVE-2012-0866

Description

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/DButter/whitehat_public
https://github.com/Dokukin1/Metasploitable
https://github.com/Furious992/HW13-01
https://github.com/Iknowmyname/Nmap-Scans-M2
https://github.com/NikulinMS/13-01-hw
https://github.com/Zhivarev/13-01-hw
https://github.com/lekctut/sdb-hw-13-01
https://github.com/mrt2h/DZ
https://github.com/pedr0alencar/vlab-metasploitable2
https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems
https://github.com/zzzWTF/db-13-01

1.3 KiB Raw Permalink Blame History

CVE-2012-0866

Description

POC

Reference

Github

1.3 KiB

Raw Permalink Blame History