CVE-2007-6303

NONE

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges

Veröffentlicht: 12/10/2007Aktualisiert: 4/9/2025
Auf NVD ansehenAuf MITRE ansehen

Beschreibung

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.

KI-AnalyseKI-gestützt

Betroffene Produkte

mysqlmysql
5.0.0
mysqlmysql
5.0.1
mysqlmysql
5.0.2
mysqlmysql
5.0.3
mysqlmysql
5.0.4
mysqlmysql
5.0.5
mysqlmysql
5.0.5.0.21
mysqlmysql
5.0.10
mysqlmysql
5.0.15
mysqlmysql
5.0.16
mysqlmysql
5.0.17
mysqlmysql
5.0.20
mysqlmysql
5.0.22.1.0.1
mysqlmysql
5.0.24
oraclemysql
5.0.41
oraclemysql
5.1.1
oraclemysql
5.1.2
oraclemysql
5.1.10
oraclemysql
5.1.11
oraclemysql
5.1.12
oraclemysql
5.1.13
oraclemysql
5.1.14
oraclemysql
5.1.15
oraclemysql
5.1.16
oraclemysql
5.1.17
oraclemysql
6.0.0
oraclemysql
6.0.1
oraclemysql
6.0.2
oraclemysql
6.0.3

Referenzen