How severe is CVE-2007-5970?

The severity of CVE-2007-5970 has not been assessed with CVSS v3.

CVE-2007-5970

Name: mysql
Author: oracle

NONE

MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX

发布于: 12/10/2007更新于: 4/9/2025

描述

MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.

AI分析AI驱动

受影响产品

oraclemysql

5.1.1

oraclemysql

5.1.2

oraclemysql

5.1.10

oraclemysql

5.1.11

oraclemysql

5.1.12

oraclemysql

5.1.13

oraclemysql

5.1.14

oraclemysql

5.1.15

oraclemysql

5.1.16

oraclemysql

5.1.17

oraclemysql

6.0.0

oraclemysql

6.0.1

oraclemysql

6.0.2

oraclemysql

6.0.3

oraclemysql

6.0.4

参考资料

http://bugs.mysql.com/bug.php?id=32091
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
http://osvdb.org/42607
http://securitytracker.com/id?1019084
http://www.vupen.com/english/advisories/2008/0560/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38988
http://bugs.mysql.com/bug.php?id=32091
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
http://osvdb.org/42607
http://securitytracker.com/id?1019084
http://www.vupen.com/english/advisories/2008/0560/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38988