ubuntu · CVE-2007-3280

Quick triage

Priority: medium Published: 2007-06-19 21:30:00 UTC Updated: 2025-07-17 16:41:40 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2007-3280 medium priority: Ubuntu including 2 source packages (postgresql-8.1, postgresql-8.2), 8 status rows across 4 suites (dapper, edgy, feisty, upstream): not-affected 4, DNE 2, needs-triage 2.

Description:

The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.

cvelogic Threat Intelligence