Lucene search

[email protected]CVE-2006-0369

HistoryJan 22, 2006 - 8:03 p.m.

CVE-2006-0369

2006-01-2220:03:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2006-0369

mysql

information disclosure

security vulnerability

view

nvd

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.7%

JSON

MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the “SELECT * FROM information_schema.views;” query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access

CPENameOperatorVersion
oracle:mysqloracle mysqleq5.0.18

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	eq	5.0.18

References

www.securityfocus.com/archive/1/422491/100/0/threaded

www.securityfocus.com/archive/1/422592/100/0/threaded

www.securityfocus.com/archive/1/422698/100/0/threaded

www.securityfocus.com/archive/1/423180/30/7310/threaded

www.securityfocus.com/archive/1/423204/100/0/threaded

www.securityfocus.com/archive/1/423228/100/0/threaded

www.securityfocus.com/archive/1/423432/100/0/threaded

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.7%

JSON

Related for CVE-2006-0369

prion1 nessus1