MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.mysql.com/31611 - | |
References | () http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html - | |
References | () http://osvdb.org/43179 - | |
References | () http://www.securitytracker.com/id?1019083 - | |
References | () http://www.vupen.com/english/advisories/2008/0560/references - |
Information
Published : 2008-02-18 23:00
Updated : 2024-11-21 00:39
NVD link : CVE-2007-6313
Mitre link : CVE-2007-6313
CVE.ORG link : CVE-2007-6313
JSON object : View
Products Affected
mysql
- mysql_community_server
CWE
CWE-264
Permissions, Privileges, and Access Controls