6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.7%
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid
routines in the security context of the routine’s definer instead of the
routine’s caller, which allows remote authenticated users to gain
privileges through a routine that has been made available using GRANT
EXECUTE.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | mysql-dfsg-5.0 | < 5.0.22-0ubuntu6.06.3 | UNKNOWN |
ubuntu | 6.10 | noarch | mysql-dfsg-5.0 | < 5.0.24a-9ubuntu0.1 | UNKNOWN |
ubuntu | 7.04 | noarch | mysql-dfsg-5.0 | < 5.0.38-0ubuntu1 | UNKNOWN |