Lucene search
Ubuntu.comUB:CVE-2007-5970HistoryDec 10, 2007 - 12:00 a.m.
CVE-2007-5970
2007-12-1000:00:00
ubuntu.com
ubuntu.com
6
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.005
Percentile
76.4%
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote
authenticated users to gain privileges on arbitrary tables via unspecified
vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY
options when creating a partitioned table with the same name as a table on
which the user lacks privileges.
Notes
| Author | Note |
|---|---|
| jdstrand | check if it also applies to mysql 5.0 5.1 and 6.0 only according to upstream release notes (the bug is private, so can’t see it) |
Related
cvelist
cvelist
CVE-2007-5970
2007-12-10 19:00:00
nvd
nvd
CVE-2007-5970
2007-12-10 19:46:00
prion
prion
Directory traversal
2007-12-10 19:46:00
cve
cve
CVE-2007-5970
2007-12-10 19:46:00
nessus
nessus
MySQL Community Server < 5.1.23 / 6.0.4 Multiple Vulnerabilities
2007-12-13 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.005
Percentile
76.4%
Related for UB:CVE-2007-5970