NVD

Id
57993  
Name
CVE-2007-5969  
Description
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.  
Reject
 
CVSS Version
2  
CVSS Score
7.1  
Severity
High  
CVSS Base Score
7.1  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:N/AC:H/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-12-10  
Modified Date
2011-09-01  
Seq
2007-5969  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
297065 57993 CVE-2007-5969 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html  View
297066 57993 CVE-2007-5969 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html  View
297067 57993 CVE-2007-5969 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html  View
297068 57993 CVE-2007-5969 http://forums.mysql.com/read.php?3,186931,186931  View
297069 57993 CVE-2007-5969 APPLE-SA-2008-10-09  View
297070 57993 CVE-2007-5969 [Announcements] 20071206 MySQL 5.0.51 has been released  View
297071 57993 CVE-2007-5969 SUSE-SR:2008:003  View
297072 57993 CVE-2007-5969 oval:org.mitre.oval:def:10509  View
297073 57993 CVE-2007-5969 GLSA-200804-04  View
297074 57993 CVE-2007-5969 SSA:2007-348-01  View
297075 57993 CVE-2007-5969 http://support.apple.com/kb/HT3216  View
297076 57993 CVE-2007-5969 DSA-1451  View
297077 57993 CVE-2007-5969 MDKSA-2007:243  View
297078 57993 CVE-2007-5969 RHSA-2007:1155  View
297079 57993 CVE-2007-5969 RHSA-2007:1157  View
297080 57993 CVE-2007-5969 20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server  View
297081 57993 CVE-2007-5969 26765  View
297082 57993 CVE-2007-5969 31681  View
297083 57993 CVE-2007-5969 1019060  View
297084 57993 CVE-2007-5969 USN-559-1  View
297085 57993 CVE-2007-5969 ADV-2007-4142  View
297086 57993 CVE-2007-5969 ADV-2007-4198  View
297087 57993 CVE-2007-5969 ADV-2008-0560  View
297088 57993 CVE-2007-5969 ADV-2008-1000  View
297089 57993 CVE-2007-5969 ADV-2008-2780  View
297090 57993 CVE-2007-5969 https://issues.rpath.com/browse/RPL-1999  View
297091 57993 CVE-2007-5969 FEDORA-2007-4465  View
297092 57993 CVE-2007-5969 FEDORA-2007-4471  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52320 JVNDB-2007-001010 MySQL の RENAME TABLE ステートメント処理におけるシステムテーブルを上書きされる脆弱性 MySQL には、テーブルが DATA DIRECTORY および INDEX DIRECTORY オプションで作成されたシンボリックリンクに依存する場合、RENAME TABLE ステートメントを利用して、シンボリックリンクが指すファイルを変更することで、システムテーブルを上書き可能な脆弱性が存在します。 CVE-2007-5969 29324 CVE-2007-5969 57993 3.6 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001010.html 2007-11-15 2008-10-31 View