Two vulnerabilities in how ANALYZE executes user defined functions that are part of expression indexes allows users to gain superuser privileges. A valid login that has permissions to create functions and tables is required to exploit this vulnearbility.
CPE | Name | Operator | Version |
---|---|---|---|
postgresql | lt | 7.4.19 | |
postgresql | lt | 7.3.21 | |
postgresql | lt | 8.1.11 | |
postgresql | lt | 8.2.6 | |
postgresql | lt | 8.0.15 |