CVE-2007-5970
NONEMySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX
게시됨: 12/10/2007업데이트됨: 4/9/2025
설명
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
AI 분석AI 기반
영향받는 제품
oraclemysql
5.1.1
oraclemysql
5.1.2
oraclemysql
5.1.10
oraclemysql
5.1.11
oraclemysql
5.1.12
oraclemysql
5.1.13
oraclemysql
5.1.14
oraclemysql
5.1.15
oraclemysql
5.1.16
oraclemysql
5.1.17
oraclemysql
6.0.0
oraclemysql
6.0.1
oraclemysql
6.0.2
oraclemysql
6.0.3
oraclemysql
6.0.4
참조
- http://bugs.mysql.com/bug.php?id=32091
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
- http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
- http://osvdb.org/42607
- http://securitytracker.com/id?1019084
- http://www.vupen.com/english/advisories/2008/0560/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38988
- http://bugs.mysql.com/bug.php?id=32091
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
- http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
- http://osvdb.org/42607
- http://securitytracker.com/id?1019084
- http://www.vupen.com/english/advisories/2008/0560/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38988