CVE-2007-5970
NONEMySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX
Опубликовано: 12/10/2007Обновлено: 4/9/2025
Описание
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
ИИ-АнализНа базе ИИ
Затронутые продукты
oraclemysql
5.1.1
oraclemysql
5.1.2
oraclemysql
5.1.10
oraclemysql
5.1.11
oraclemysql
5.1.12
oraclemysql
5.1.13
oraclemysql
5.1.14
oraclemysql
5.1.15
oraclemysql
5.1.16
oraclemysql
5.1.17
oraclemysql
6.0.0
oraclemysql
6.0.1
oraclemysql
6.0.2
oraclemysql
6.0.3
oraclemysql
6.0.4
Ссылки
- http://bugs.mysql.com/bug.php?id=32091
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
- http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
- http://osvdb.org/42607
- http://securitytracker.com/id?1019084
- http://www.vupen.com/english/advisories/2008/0560/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38988
- http://bugs.mysql.com/bug.php?id=32091
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
- http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
- http://osvdb.org/42607
- http://securitytracker.com/id?1019084
- http://www.vupen.com/english/advisories/2008/0560/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38988