Vulnerability-Lookup

CVE-2007-5969 (GCVE-0-2007-5969)

Vulnerability from cvelistv5 – Published: 2007-12-10 19:00 – Updated: 2024-08-07 15:47

Summary

MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

41 references

URL	Tags
http://secunia.com/advisories/28343	third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200804-04.xml	vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/29706	third-party-advisoryx_refsource_SECUNIA
http://bugs.mysql.com/32111	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/31681	vdb-entryx_refsource_BID
http://dev.mysql.com/doc/refman/5.0/en/releasenot…	x_refsource_CONFIRM
http://www.debian.org/security/2008/dsa-1451	vendor-advisoryx_refsource_DEBIAN
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html	x_refsource_CONFIRM
http://www.securitytracker.com/id?1019060	vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/4142	vdb-entryx_refsource_VUPEN
https://usn.ubuntu.com/559-1/	vendor-advisoryx_refsource_UBUNTU
http://www.securityfocus.com/archive/1/486477/100…	mailing-listx_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2008/1000…	vdb-entryx_refsource_VUPEN
http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
http://www.vupen.com/english/advisories/2008/0560…	vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/26765	vdb-entryx_refsource_BID
https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/28040	third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-11…	vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/28099	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28559	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/32222	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27981	third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/4198	vdb-entryx_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
http://dev.mysql.com/doc/refman/5.0/en/releasenot…	x_refsource_CONFIRM
http://lists.mysql.com/announce/495	mailing-listx_refsource_MLIST
http://www.redhat.com/support/errata/RHSA-2007-11…	vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/28108	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28025	third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2780	vdb-entryx_refsource_VUPEN
http://forums.mysql.com/read.php?3%2C186931%2C186931	x_refsource_CONFIRM
http://secunia.com/advisories/28838	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28128	third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/28063	third-party-advisoryx_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT3216	x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1999	x_refsource_CONFIRM

Date Public ?

2007-12-06 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28343"
          },
          {
            "name": "GLSA-200804-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
          },
          {
            "name": "29706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29706"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/32111"
          },
          {
            "name": "oval:org.mitre.oval:def:10509",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
          },
          {
            "name": "31681",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31681"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
          },
          {
            "name": "DSA-1451",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1451"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
          },
          {
            "name": "1019060",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019060"
          },
          {
            "name": "ADV-2007-4142",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4142"
          },
          {
            "name": "USN-559-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/559-1/"
          },
          {
            "name": "20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
          },
          {
            "name": "ADV-2008-1000",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1000/references"
          },
          {
            "name": "SSA:2007-348-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
          },
          {
            "name": "ADV-2008-0560",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0560/references"
          },
          {
            "name": "26765",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26765"
          },
          {
            "name": "FEDORA-2007-4465",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
          },
          {
            "name": "28040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28040"
          },
          {
            "name": "RHSA-2007:1157",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
          },
          {
            "name": "28099",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28099"
          },
          {
            "name": "28559",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28559"
          },
          {
            "name": "32222",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32222"
          },
          {
            "name": "27981",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27981"
          },
          {
            "name": "ADV-2007-4198",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4198"
          },
          {
            "name": "FEDORA-2007-4471",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
          },
          {
            "name": "[Announcements] 20071206 MySQL 5.0.51 has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.mysql.com/announce/495"
          },
          {
            "name": "RHSA-2007:1155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
          },
          {
            "name": "28108",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28108"
          },
          {
            "name": "28025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28025"
          },
          {
            "name": "ADV-2008-2780",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forums.mysql.com/read.php?3%2C186931%2C186931"
          },
          {
            "name": "28838",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28838"
          },
          {
            "name": "28128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28128"
          },
          {
            "name": "MDKSA-2007:243",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
          },
          {
            "name": "28063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28063"
          },
          {
            "name": "SUSE-SR:2008:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
          },
          {
            "name": "APPLE-SA-2008-10-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3216"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "28343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28343"
        },
        {
          "name": "GLSA-200804-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
        },
        {
          "name": "29706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29706"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.mysql.com/32111"
        },
        {
          "name": "oval:org.mitre.oval:def:10509",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
        },
        {
          "name": "31681",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31681"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
        },
        {
          "name": "DSA-1451",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1451"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
        },
        {
          "name": "1019060",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019060"
        },
        {
          "name": "ADV-2007-4142",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4142"
        },
        {
          "name": "USN-559-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/559-1/"
        },
        {
          "name": "20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
        },
        {
          "name": "ADV-2008-1000",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1000/references"
        },
        {
          "name": "SSA:2007-348-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
        },
        {
          "name": "ADV-2008-0560",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0560/references"
        },
        {
          "name": "26765",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26765"
        },
        {
          "name": "FEDORA-2007-4465",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
        },
        {
          "name": "28040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28040"
        },
        {
          "name": "RHSA-2007:1157",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
        },
        {
          "name": "28099",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28099"
        },
        {
          "name": "28559",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28559"
        },
        {
          "name": "32222",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32222"
        },
        {
          "name": "27981",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27981"
        },
        {
          "name": "ADV-2007-4198",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4198"
        },
        {
          "name": "FEDORA-2007-4471",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
        },
        {
          "name": "[Announcements] 20071206 MySQL 5.0.51 has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.mysql.com/announce/495"
        },
        {
          "name": "RHSA-2007:1155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
        },
        {
          "name": "28108",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28108"
        },
        {
          "name": "28025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28025"
        },
        {
          "name": "ADV-2008-2780",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forums.mysql.com/read.php?3%2C186931%2C186931"
        },
        {
          "name": "28838",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28838"
        },
        {
          "name": "28128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28128"
        },
        {
          "name": "MDKSA-2007:243",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
        },
        {
          "name": "28063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28063"
        },
        {
          "name": "SUSE-SR:2008:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
        },
        {
          "name": "APPLE-SA-2008-10-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3216"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1999"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5969",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28343"
            },
            {
              "name": "GLSA-200804-04",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
            },
            {
              "name": "29706",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29706"
            },
            {
              "name": "http://bugs.mysql.com/32111",
              "refsource": "CONFIRM",
              "url": "http://bugs.mysql.com/32111"
            },
            {
              "name": "oval:org.mitre.oval:def:10509",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
            },
            {
              "name": "31681",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31681"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
            },
            {
              "name": "DSA-1451",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1451"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
            },
            {
              "name": "1019060",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019060"
            },
            {
              "name": "ADV-2007-4142",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4142"
            },
            {
              "name": "USN-559-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/559-1/"
            },
            {
              "name": "20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
            },
            {
              "name": "ADV-2008-1000",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1000/references"
            },
            {
              "name": "SSA:2007-348-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
            },
            {
              "name": "ADV-2008-0560",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0560/references"
            },
            {
              "name": "26765",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26765"
            },
            {
              "name": "FEDORA-2007-4465",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
            },
            {
              "name": "28040",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28040"
            },
            {
              "name": "RHSA-2007:1157",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
            },
            {
              "name": "28099",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28099"
            },
            {
              "name": "28559",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28559"
            },
            {
              "name": "32222",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32222"
            },
            {
              "name": "27981",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27981"
            },
            {
              "name": "ADV-2007-4198",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4198"
            },
            {
              "name": "FEDORA-2007-4471",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
            },
            {
              "name": "[Announcements] 20071206 MySQL 5.0.51 has been released",
              "refsource": "MLIST",
              "url": "http://lists.mysql.com/announce/495"
            },
            {
              "name": "RHSA-2007:1155",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
            },
            {
              "name": "28108",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28108"
            },
            {
              "name": "28025",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28025"
            },
            {
              "name": "ADV-2008-2780",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2780"
            },
            {
              "name": "http://forums.mysql.com/read.php?3,186931,186931",
              "refsource": "CONFIRM",
              "url": "http://forums.mysql.com/read.php?3,186931,186931"
            },
            {
              "name": "28838",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28838"
            },
            {
              "name": "28128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28128"
            },
            {
              "name": "MDKSA-2007:243",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
            },
            {
              "name": "28063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28063"
            },
            {
              "name": "SUSE-SR:2008:003",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
            },
            {
              "name": "APPLE-SA-2008-10-09",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT3216",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3216"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1999",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1999"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5969",
    "datePublished": "2007-12-10T19:00:00.000Z",
    "dateReserved": "2007-11-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:47:00.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2007-5969",
      "date": "2026-05-21",
      "epss": "0.01811",
      "percentile": "0.83066"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_server:5.1.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB22F327-7795-4B25-B40E-5684F2A5B0BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0714FFD1-72F8-40DA-8BD9-80A160B4EBE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_server:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B02C419-7843-4400-9223-B9632A183FCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_server:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9FF4637-F6CF-40FD-AE36-EA8B9C1ECBB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_server:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DF9852D-A35F-49A8-9886-49991DD864F2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:community_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.0.50\", \"matchCriteriaId\": \"8ED15232-83F0-4A63-8E8B-79B0C2BF80F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:community_server:5.0.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FAA5C79-6D2D-45BF-A392-0EA4F9D3C727\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:community_server:5.0.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E670333-0E50-42D5-8D67-B1F565FFD59A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:community_server:5.0.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C576BBB-9A3B-4BDD-A362-00F65627284A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mysql:mysql_enterprise_server:5.0.50:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C003A85-4802-4B55-A7EA-5229A0FDEDB3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.\"}, {\"lang\": \"es\", \"value\": \"MySQL Community Server versiones 5.0.x anteriores a 5.0.51, Enterprise Server versiones 5.0.x anteriores a 5.0.52, Server versiones 5.1.x anteriores a 5.1.23 y Server versiones 6.0.x anteriores a 6.0.4, cuando una tabla se basa en symlinks creados por medio de las opciones expl\\u00edcitas DATA DIRECTORY e INDEX DIRECTORY, permite a los usuarios remotos autenticados sobrescribir la informaci\\u00f3n de la tabla del sistema y alcanzar privilegios por medio de una sentencia RENAME TABLE que cambia el symlink para que apunte hacia un archivo existente.\"}]",
      "id": "CVE-2007-5969",
      "lastModified": "2024-11-21T00:39:04.037",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:S/C:C/I:C/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-12-10T19:46:00.000",
      "references": "[{\"url\": \"http://bugs.mysql.com/32111\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://forums.mysql.com/read.php?3%2C186931%2C186931\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.mysql.com/announce/495\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/27981\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28025\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28040\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28063\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28099\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28108\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28128\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28343\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28559\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28838\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29706\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32222\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200804-04.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.apple.com/kb/HT3216\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1451\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1155.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1157.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/486477/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/26765\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/31681\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1019060\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4142\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4198\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0560/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1000/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2780\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1999\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://usn.ubuntu.com/559-1/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.mysql.com/32111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://forums.mysql.com/read.php?3%2C186931%2C186931\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.mysql.com/announce/495\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27981\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28025\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28040\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28063\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28099\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28108\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28128\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28343\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28559\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28838\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29706\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32222\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200804-04.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT3216\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1451\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1155.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2007-1157.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/486477/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26765\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/31681\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1019060\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4142\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4198\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0560/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1000/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2780\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/559-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5969\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-12-10T19:46:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.\"},{\"lang\":\"es\",\"value\":\"MySQL Community Server versiones 5.0.x anteriores a 5.0.51, Enterprise Server versiones 5.0.x anteriores a 5.0.52, Server versiones 5.1.x anteriores a 5.1.23 y Server versiones 6.0.x anteriores a 6.0.4, cuando una tabla se basa en symlinks creados por medio de las opciones expl\u00edcitas DATA DIRECTORY e INDEX DIRECTORY, permite a los usuarios remotos autenticados sobrescribir la informaci\u00f3n de la tabla del sistema y alcanzar privilegios por medio de una sentencia RENAME TABLE que cambia el symlink para que apunte hacia un archivo existente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_server:5.1.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB22F327-7795-4B25-B40E-5684F2A5B0BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0714FFD1-72F8-40DA-8BD9-80A160B4EBE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_server:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B02C419-7843-4400-9223-B9632A183FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_server:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9FF4637-F6CF-40FD-AE36-EA8B9C1ECBB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_server:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DF9852D-A35F-49A8-9886-49991DD864F2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:community_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.50\",\"matchCriteriaId\":\"8ED15232-83F0-4A63-8E8B-79B0C2BF80F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:community_server:5.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FAA5C79-6D2D-45BF-A392-0EA4F9D3C727\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:community_server:5.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E670333-0E50-42D5-8D67-B1F565FFD59A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:community_server:5.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C576BBB-9A3B-4BDD-A362-00F65627284A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql_enterprise_server:5.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C003A85-4802-4B55-A7EA-5229A0FDEDB3\"}]}]}],\"references\":[{\"url\":\"http://bugs.mysql.com/32111\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://forums.mysql.com/read.php?3%2C186931%2C186931\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.mysql.com/announce/495\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27981\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28025\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28040\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28063\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28099\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28108\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28128\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28343\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28559\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28838\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29706\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32222\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200804-04.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3216\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1451\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1155.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1157.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/486477/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26765\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/31681\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1019060\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4142\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4198\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0560/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1000/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2780\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1999\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/559-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.mysql.com/32111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://forums.mysql.com/read.php?3%2C186931%2C186931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.mysql.com/announce/495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28063\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28099\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28343\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28838\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200804-04.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1155.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-1157.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/486477/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26765\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/31681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1019060\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4198\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0560/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1000/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/559-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-541

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité permettant la manipulation de données, dont les tables système, affecte MySQL.

Description

Une vulnérabilité dans MySQL permet à un utilisateur malveillant de manipuler localement certaines données de la base. Elle survient lors du renommage de tables ayant certaines caractéristiques, et permet de remplacer ces tables par des liens symboliques pointant sur des structures controlées par l'attaquant.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	MySQL	Les versions de MySQL antérieures à la 5.0.51.

References

Title

Publication Time

Tags

Bulletin de mise à jour MySQL 5.0.51 du 15 novembre 2007	None	vendor-advisory
Bulletin de mise à jour Mysql 5.0.51 du 15 novembre 2007 :	-	other
Alerte de Secunia numéro 27981 du 10 décembre 2007 :	-	other
Bulletin de sécurité Mandriva MDKSA-2007:243 du 10 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Les versions de MySQL ant\u00e9rieures \u00e0 la 5.0.51.",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans MySQL permet \u00e0 un utilisateur malveillant de\nmanipuler localement certaines donn\u00e9es de la base. Elle survient lors du\nrenommage de tables ayant certaines caract\u00e9ristiques, et permet de\nremplacer ces tables par des liens symboliques pointant sur des\nstructures control\u00e9es par l\u0027attaquant.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    }
  ],
  "links": [
    {
      "title": "Bulletin de mise \u00e0 jour Mysql 5.0.51 du 15 novembre 2007 :",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
    },
    {
      "title": "Alerte de Secunia num\u00e9ro 27981 du 10 d\u00e9cembre 2007 :",
      "url": "http://secunia.com/advisories/27981/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:243 du 10 d\u00e9cembre    2007 :",
      "url": "http://www.mandriva.com/archives/security/advisories"
    }
  ],
  "reference": "CERTA-2007-AVI-541",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 permettant la manipulation de donn\u00e9es, dont les tables\nsyst\u00e8me, affecte MySQL.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour MySQL 5.0.51 du 15 novembre 2007",
      "url": null
    }
  ]
}

CERTA-2008-AVI-088

Vulnerability from certfr_avis - Published: - Updated:

None

Description

De nombreuses vulnérabilités présentes dans certaines versions de MySQL peuvent être exploitées par un utilisateur distant malintentionné afin de contourner la politique de sécurité, de porter atteinte à la confidentialité et/ou à l'intégrité des données, de provoquer un déni de service ou d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

MySQL 5.1.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité SuSE SUSE-SR:2008:003 du 07 février 2008	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2007:1155 du 18 décembre 2007 :	-	other
Bulletin de sécurité Debian DSA-1451 du 06 janvier 2008 :	-	other
Bulletin de sécurité SuSE SUSE-SR:2008:003 du 07 février 2008 :	-	other
Bulletin de sécurité Mandriva MDVSA-2007:243 du 10 décembre 2007 :	-	other
Journal des modifications MySQL du 29 janvier 2008 :	-	other
Bulletin de sécurité Ubuntu USN-559-1 du 21 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMySQL 5.1.x.\u003c/P\u003e",
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans certaines versions de MySQL\npeuvent \u00eatre exploit\u00e9es par un utilisateur distant malintentionn\u00e9 afin\nde contourner la politique de s\u00e9curit\u00e9, de porter atteinte \u00e0 la\nconfidentialit\u00e9 et/ou \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de\nservice ou d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0226"
    },
    {
      "name": "CVE-2007-6313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6313"
    },
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2007-5970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5970"
    },
    {
      "name": "CVE-2008-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0227"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2007:1155 du 18 d\u00e9cembre    2007 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-1155.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1451 du 06 janvier 2008 :",
      "url": "http://www.debian.org/security/2008/DSA-1451"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier    2008 :",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2007:243 du 10 d\u00e9cembre    2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2007:243"
    },
    {
      "title": "Journal des modifications MySQL du 29 janvier 2008    :",
      "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-559-1 du 21 d\u00e9cembre 2007 :",
      "url": "http://www.ubuntu.com/usn/usn-559-1"
    }
  ],
  "reference": "CERTA-2008-AVI-088",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-02-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-162

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectent les versions 4.x du gestionnaire de base de données MySQL. En particulier, certaines d'entre elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

De nombreuses vulnérabilités affectent la branche 4 de MySQL.

La création de tables MyISAM avec certaines options permet d'écraser des tables existantes.

Le renommage utilisé avec certains paramètres permet la réécriture de tables système.

Des erreurs provoquent des débordements de mémoire ou de pile ou des violations de la segmentation de la mémoire. Dans certains cas l'exploitation permet à un utilisateur d'exécuter du code arbitraire à distance.

Certaines erreurs permettent de provoquer un arrêt inopiné (crash) du serveur. L'utilisation d'un paquet d'authentification malformé permet de provoquer cet arrêt à distance.

Certaines erreurs conduisent à des insertions dans les affichages ou à la corruption de tables.

Solution

La version 4.1.24 corrige ces problèmes. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Note : la branche 4 du logiciel MySQL n'est plus maintenue (cf. section Documentation). Il est recommandé de migrer vers la branche 5 de ce logiciel.

MySQL, version 4.1.23 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de version de MySQL :	-	other
Politique et calendrier de support pour MySQL :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eMySQL\u003c/SPAN\u003e,  version 4.1.23 et ant\u00e9rieures.",
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s affectent la branche 4 de MySQL.\n\nLa cr\u00e9ation de tables MyISAM avec certaines options permet d\u0027\u00e9craser des\ntables existantes.\n\nLe renommage utilis\u00e9 avec certains param\u00e8tres permet la r\u00e9\u00e9criture de\ntables syst\u00e8me.\n\nDes erreurs provoquent des d\u00e9bordements de m\u00e9moire ou de pile ou des\nviolations de la segmentation de la m\u00e9moire. Dans certains cas\nl\u0027exploitation permet \u00e0 un utilisateur d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\nCertaines erreurs permettent de provoquer un arr\u00eat inopin\u00e9 (crash) du\nserveur. L\u0027utilisation d\u0027un paquet d\u0027authentification malform\u00e9 permet de\nprovoquer cet arr\u00eat \u00e0 distance.\n\nCertaines erreurs conduisent \u00e0 des insertions dans les affichages ou \u00e0\nla corruption de tables.\n\n## Solution\n\nLa version 4.1.24 corrige ces probl\u00e8mes. Se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n\n  \n  \n\n\u003cspan class=\"textbf\"\u003eNote\u003c/span\u003e : la branche 4 du logiciel MySQL n\u0027est\nplus maintenue (cf. section Documentation). Il est recommand\u00e9 de migrer\nvers la branche 5 de ce logiciel.\n",
  "cves": [
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2007-3780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3780"
    }
  ],
  "links": [
    {
      "title": "Bulletin de version de MySQL :",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
    },
    {
      "title": "Politique et calendrier de support pour MySQL :",
      "url": "http://www.mysql.com/company/legal/lifecycle/"
    }
  ],
  "reference": "CERTA-2008-AVI-162",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent les versions 4.x du gestionnaire de\nbase de donn\u00e9es \u003cspan class=\"textit\"\u003eMySQL\u003c/span\u003e. En particulier,\ncertaines d\u0027entre elles permettent \u00e0 un utilisateur malveillant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans MySQL",
  "vendor_advisories": []
}

CERTA-2008-AVI-492

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectant Apple Mac Os X permettent à une personne malveillante d'effectuer une exécution de code arbitraire, de provoquer un déni de service à distance, de contourner la politique de sécurité, de porter atteinte à la confidentialité des données et d'élever ses privilèges sur le système.

Description

De multiples vulnérabilités ont été découvertes dans Apple Mac OS X. Ces dernières affectent entre autres :

ColorSync ;
CUPS ;
Finder ;
Postfix ;
Networking ;
...

Elles permettent à une personne malintentionnée d'effectuer une exécution de code arbitraire , de provoquer un déni de service à distance, de contourner la politique de sécurité, de porter atteinte à la confidentialité des données et d'élever ses privilèges sur le système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Mac OS X 10.4.11 ;
	N/A	N/A	Mac OS X 10.5.5.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3216 du 09 octobre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.4.11 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.5.5.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apple Mac OS X. Ces\nderni\u00e8res affectent entre autres :\n\n-   ColorSync ;\n-   CUPS ;\n-   Finder ;\n-   Postfix ;\n-   Networking ;\n-   ...\n\nElles permettent \u00e0 une personne malintentionn\u00e9e d\u0027effectuer une\nex\u00e9cution de code arbitraire , de provoquer un d\u00e9ni de service \u00e0\ndistance, de contourner la politique de s\u00e9curit\u00e9, de porter atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es et d\u0027\u00e9lever ses privil\u00e8ges sur le\nsyst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-1678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1678"
    },
    {
      "name": "CVE-2008-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3643"
    },
    {
      "name": "CVE-2008-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0226"
    },
    {
      "name": "CVE-2008-3642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3642"
    },
    {
      "name": "CVE-2008-4212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4212"
    },
    {
      "name": "CVE-2008-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0002"
    },
    {
      "name": "CVE-2008-4215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4215"
    },
    {
      "name": "CVE-2007-6420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6420"
    },
    {
      "name": "CVE-2008-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2371"
    },
    {
      "name": "CVE-2008-0674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0674"
    },
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2008-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3646"
    },
    {
      "name": "CVE-2008-3912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3912"
    },
    {
      "name": "CVE-2008-3914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3914"
    },
    {
      "name": "CVE-2007-5461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5461"
    },
    {
      "name": "CVE-2008-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3432"
    },
    {
      "name": "CVE-2008-2079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2079"
    },
    {
      "name": "CVE-2008-1389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1389"
    },
    {
      "name": "CVE-2008-1232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1232"
    },
    {
      "name": "CVE-2008-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2370"
    },
    {
      "name": "CVE-2007-5333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5333"
    },
    {
      "name": "CVE-2008-2712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2712"
    },
    {
      "name": "CVE-2008-1947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1947"
    },
    {
      "name": "CVE-2007-4850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4850"
    },
    {
      "name": "CVE-2007-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2691"
    },
    {
      "name": "CVE-2007-6286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6286"
    },
    {
      "name": "CVE-2008-3641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3641"
    },
    {
      "name": "CVE-2008-3913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3913"
    },
    {
      "name": "CVE-2008-3294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3294"
    },
    {
      "name": "CVE-2008-3645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3645"
    },
    {
      "name": "CVE-2008-3647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3647"
    },
    {
      "name": "CVE-2007-5342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5342"
    },
    {
      "name": "CVE-2008-2364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2364"
    },
    {
      "name": "CVE-2008-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4214"
    },
    {
      "name": "CVE-2008-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1767"
    },
    {
      "name": "CVE-2008-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2938"
    },
    {
      "name": "CVE-2008-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0227"
    },
    {
      "name": "CVE-2008-4101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4101"
    },
    {
      "name": "CVE-2008-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4211"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-492",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectant Apple Mac Os X permettent \u00e0 une\npersonne malveillante d\u0027effectuer une ex\u00e9cution de code arbitraire, de\nprovoquer un d\u00e9ni de service \u00e0 distance, de contourner la politique de\ns\u00e9curit\u00e9, de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nd\u0027\u00e9lever ses privil\u00e8ges sur le syst\u00e8me.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3216 du 09 octobre 2008",
      "url": "http://support.apple.com/kb/HT3216"
    }
  ]
}

CERTA-2007-AVI-541

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité permettant la manipulation de données, dont les tables système, affecte MySQL.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	MySQL	Les versions de MySQL antérieures à la 5.0.51.

References

Title

Publication Time

Tags

Bulletin de mise à jour MySQL 5.0.51 du 15 novembre 2007	None	vendor-advisory
Bulletin de mise à jour Mysql 5.0.51 du 15 novembre 2007 :	-	other
Alerte de Secunia numéro 27981 du 10 décembre 2007 :	-	other
Bulletin de sécurité Mandriva MDKSA-2007:243 du 10 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Les versions de MySQL ant\u00e9rieures \u00e0 la 5.0.51.",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans MySQL permet \u00e0 un utilisateur malveillant de\nmanipuler localement certaines donn\u00e9es de la base. Elle survient lors du\nrenommage de tables ayant certaines caract\u00e9ristiques, et permet de\nremplacer ces tables par des liens symboliques pointant sur des\nstructures control\u00e9es par l\u0027attaquant.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    }
  ],
  "links": [
    {
      "title": "Bulletin de mise \u00e0 jour Mysql 5.0.51 du 15 novembre 2007 :",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
    },
    {
      "title": "Alerte de Secunia num\u00e9ro 27981 du 10 d\u00e9cembre 2007 :",
      "url": "http://secunia.com/advisories/27981/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:243 du 10 d\u00e9cembre    2007 :",
      "url": "http://www.mandriva.com/archives/security/advisories"
    }
  ],
  "reference": "CERTA-2007-AVI-541",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 permettant la manipulation de donn\u00e9es, dont les tables\nsyst\u00e8me, affecte MySQL.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour MySQL 5.0.51 du 15 novembre 2007",
      "url": null
    }
  ]
}

CERTA-2008-AVI-088

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

MySQL 5.1.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité SuSE SUSE-SR:2008:003 du 07 février 2008	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2007:1155 du 18 décembre 2007 :	-	other
Bulletin de sécurité Debian DSA-1451 du 06 janvier 2008 :	-	other
Bulletin de sécurité SuSE SUSE-SR:2008:003 du 07 février 2008 :	-	other
Bulletin de sécurité Mandriva MDVSA-2007:243 du 10 décembre 2007 :	-	other
Journal des modifications MySQL du 29 janvier 2008 :	-	other
Bulletin de sécurité Ubuntu USN-559-1 du 21 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMySQL 5.1.x.\u003c/P\u003e",
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans certaines versions de MySQL\npeuvent \u00eatre exploit\u00e9es par un utilisateur distant malintentionn\u00e9 afin\nde contourner la politique de s\u00e9curit\u00e9, de porter atteinte \u00e0 la\nconfidentialit\u00e9 et/ou \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de\nservice ou d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0226"
    },
    {
      "name": "CVE-2007-6313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6313"
    },
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2007-5970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5970"
    },
    {
      "name": "CVE-2008-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0227"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2007:1155 du 18 d\u00e9cembre    2007 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-1155.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1451 du 06 janvier 2008 :",
      "url": "http://www.debian.org/security/2008/DSA-1451"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier    2008 :",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2007:243 du 10 d\u00e9cembre    2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2007:243"
    },
    {
      "title": "Journal des modifications MySQL du 29 janvier 2008    :",
      "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-559-1 du 21 d\u00e9cembre 2007 :",
      "url": "http://www.ubuntu.com/usn/usn-559-1"
    }
  ],
  "reference": "CERTA-2008-AVI-088",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-02-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-162

Vulnerability from certfr_avis - Published: - Updated:

Description

De nombreuses vulnérabilités affectent la branche 4 de MySQL.

La création de tables MyISAM avec certaines options permet d'écraser des tables existantes.

Le renommage utilisé avec certains paramètres permet la réécriture de tables système.

Certaines erreurs permettent de provoquer un arrêt inopiné (crash) du serveur. L'utilisation d'un paquet d'authentification malformé permet de provoquer cet arrêt à distance.

Certaines erreurs conduisent à des insertions dans les affichages ou à la corruption de tables.

Solution

La version 4.1.24 corrige ces problèmes. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Note : la branche 4 du logiciel MySQL n'est plus maintenue (cf. section Documentation). Il est recommandé de migrer vers la branche 5 de ce logiciel.

MySQL, version 4.1.23 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de version de MySQL :	-	other
Politique et calendrier de support pour MySQL :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eMySQL\u003c/SPAN\u003e,  version 4.1.23 et ant\u00e9rieures.",
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s affectent la branche 4 de MySQL.\n\nLa cr\u00e9ation de tables MyISAM avec certaines options permet d\u0027\u00e9craser des\ntables existantes.\n\nLe renommage utilis\u00e9 avec certains param\u00e8tres permet la r\u00e9\u00e9criture de\ntables syst\u00e8me.\n\nDes erreurs provoquent des d\u00e9bordements de m\u00e9moire ou de pile ou des\nviolations de la segmentation de la m\u00e9moire. Dans certains cas\nl\u0027exploitation permet \u00e0 un utilisateur d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\nCertaines erreurs permettent de provoquer un arr\u00eat inopin\u00e9 (crash) du\nserveur. L\u0027utilisation d\u0027un paquet d\u0027authentification malform\u00e9 permet de\nprovoquer cet arr\u00eat \u00e0 distance.\n\nCertaines erreurs conduisent \u00e0 des insertions dans les affichages ou \u00e0\nla corruption de tables.\n\n## Solution\n\nLa version 4.1.24 corrige ces probl\u00e8mes. Se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n\n  \n  \n\n\u003cspan class=\"textbf\"\u003eNote\u003c/span\u003e : la branche 4 du logiciel MySQL n\u0027est\nplus maintenue (cf. section Documentation). Il est recommand\u00e9 de migrer\nvers la branche 5 de ce logiciel.\n",
  "cves": [
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2007-3780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3780"
    }
  ],
  "links": [
    {
      "title": "Bulletin de version de MySQL :",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
    },
    {
      "title": "Politique et calendrier de support pour MySQL :",
      "url": "http://www.mysql.com/company/legal/lifecycle/"
    }
  ],
  "reference": "CERTA-2008-AVI-162",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent les versions 4.x du gestionnaire de\nbase de donn\u00e9es \u003cspan class=\"textit\"\u003eMySQL\u003c/span\u003e. En particulier,\ncertaines d\u0027entre elles permettent \u00e0 un utilisateur malveillant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans MySQL",
  "vendor_advisories": []
}

CERTA-2008-AVI-492

Vulnerability from certfr_avis - Published: - Updated:

Description

De multiples vulnérabilités ont été découvertes dans Apple Mac OS X. Ces dernières affectent entre autres :

ColorSync ;
CUPS ;
Finder ;
Postfix ;
Networking ;
...

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Mac OS X 10.4.11 ;
	N/A	N/A	Mac OS X 10.5.5.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3216 du 09 octobre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.4.11 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.5.5.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apple Mac OS X. Ces\nderni\u00e8res affectent entre autres :\n\n-   ColorSync ;\n-   CUPS ;\n-   Finder ;\n-   Postfix ;\n-   Networking ;\n-   ...\n\nElles permettent \u00e0 une personne malintentionn\u00e9e d\u0027effectuer une\nex\u00e9cution de code arbitraire , de provoquer un d\u00e9ni de service \u00e0\ndistance, de contourner la politique de s\u00e9curit\u00e9, de porter atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es et d\u0027\u00e9lever ses privil\u00e8ges sur le\nsyst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-1678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1678"
    },
    {
      "name": "CVE-2008-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3643"
    },
    {
      "name": "CVE-2008-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0226"
    },
    {
      "name": "CVE-2008-3642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3642"
    },
    {
      "name": "CVE-2008-4212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4212"
    },
    {
      "name": "CVE-2008-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0002"
    },
    {
      "name": "CVE-2008-4215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4215"
    },
    {
      "name": "CVE-2007-6420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6420"
    },
    {
      "name": "CVE-2008-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2371"
    },
    {
      "name": "CVE-2008-0674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0674"
    },
    {
      "name": "CVE-2007-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5969"
    },
    {
      "name": "CVE-2008-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3646"
    },
    {
      "name": "CVE-2008-3912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3912"
    },
    {
      "name": "CVE-2008-3914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3914"
    },
    {
      "name": "CVE-2007-5461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5461"
    },
    {
      "name": "CVE-2008-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3432"
    },
    {
      "name": "CVE-2008-2079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2079"
    },
    {
      "name": "CVE-2008-1389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1389"
    },
    {
      "name": "CVE-2008-1232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1232"
    },
    {
      "name": "CVE-2008-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2370"
    },
    {
      "name": "CVE-2007-5333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5333"
    },
    {
      "name": "CVE-2008-2712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2712"
    },
    {
      "name": "CVE-2008-1947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1947"
    },
    {
      "name": "CVE-2007-4850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4850"
    },
    {
      "name": "CVE-2007-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2691"
    },
    {
      "name": "CVE-2007-6286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6286"
    },
    {
      "name": "CVE-2008-3641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3641"
    },
    {
      "name": "CVE-2008-3913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3913"
    },
    {
      "name": "CVE-2008-3294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3294"
    },
    {
      "name": "CVE-2008-3645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3645"
    },
    {
      "name": "CVE-2008-3647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3647"
    },
    {
      "name": "CVE-2007-5342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5342"
    },
    {
      "name": "CVE-2008-2364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2364"
    },
    {
      "name": "CVE-2008-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4214"
    },
    {
      "name": "CVE-2008-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1767"
    },
    {
      "name": "CVE-2008-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2938"
    },
    {
      "name": "CVE-2008-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0227"
    },
    {
      "name": "CVE-2008-4101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4101"
    },
    {
      "name": "CVE-2008-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4211"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-492",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectant Apple Mac Os X permettent \u00e0 une\npersonne malveillante d\u0027effectuer une ex\u00e9cution de code arbitraire, de\nprovoquer un d\u00e9ni de service \u00e0 distance, de contourner la politique de\ns\u00e9curit\u00e9, de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nd\u0027\u00e9lever ses privil\u00e8ges sur le syst\u00e8me.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3216 du 09 octobre 2008",
      "url": "http://support.apple.com/kb/HT3216"
    }
  ]
}

FKIE_CVE-2007-5969

Vulnerability from fkie_nvd - Published: 2007-12-10 19:46 - Updated: 2026-04-23 00:35

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://bugs.mysql.com/32111
cve@mitre.org	http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
cve@mitre.org	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
cve@mitre.org	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html
cve@mitre.org	http://forums.mysql.com/read.php?3%2C186931%2C186931
cve@mitre.org	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
cve@mitre.org	http://lists.mysql.com/announce/495	Exploit, Vendor Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
cve@mitre.org	http://secunia.com/advisories/27981	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28025	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28040	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28063	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28099	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28108	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28128	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28343	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28559	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28838	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/29706	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/32222	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200804-04.xml
cve@mitre.org	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959
cve@mitre.org	http://support.apple.com/kb/HT3216
cve@mitre.org	http://www.debian.org/security/2008/dsa-1451
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:243
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-1155.html	Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-1157.html	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/486477/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26765
cve@mitre.org	http://www.securityfocus.com/bid/31681	Patch
cve@mitre.org	http://www.securitytracker.com/id?1019060
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4142	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4198	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0560/references	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1000/references	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2780	Vendor Advisory
cve@mitre.org	https://issues.rpath.com/browse/RPL-1999
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509
cve@mitre.org	https://usn.ubuntu.com/559-1/
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.mysql.com/32111
af854a3a-2127-422b-91ae-364da2661108	http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
af854a3a-2127-422b-91ae-364da2661108	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
af854a3a-2127-422b-91ae-364da2661108	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html
af854a3a-2127-422b-91ae-364da2661108	http://forums.mysql.com/read.php?3%2C186931%2C186931
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.mysql.com/announce/495	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27981	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28025	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28040	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28063	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28099	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28108	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28128	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28343	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28559	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28838	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29706	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32222	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200804-04.xml
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3216
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1451
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:243
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1155.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1157.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486477/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26765
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31681	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019060
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4142	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4198	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0560/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1000/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2780	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1999
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/559-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html

Impacted products

Vendor	Product	Version
mysql	mysql_server	5.1.22
mysql	mysql_server	6.0
mysql	mysql_server	6.0.1
mysql	mysql_server	6.0.2
mysql	mysql_server	6.0.3
mysql	community_server	*
mysql	community_server	5.0.41
mysql	community_server	5.0.44
mysql	community_server	5.0.45
mysql	mysql_enterprise_server	5.0.50

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:mysql_server:5.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB22F327-7795-4B25-B40E-5684F2A5B0BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0714FFD1-72F8-40DA-8BD9-80A160B4EBE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql_server:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B02C419-7843-4400-9223-B9632A183FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql_server:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9FF4637-F6CF-40FD-AE36-EA8B9C1ECBB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql_server:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DF9852D-A35F-49A8-9886-49991DD864F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:community_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ED15232-83F0-4A63-8E8B-79B0C2BF80F9",
              "versionEndIncluding": "5.0.50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:community_server:5.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FAA5C79-6D2D-45BF-A392-0EA4F9D3C727",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:community_server:5.0.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E670333-0E50-42D5-8D67-B1F565FFD59A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:community_server:5.0.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C576BBB-9A3B-4BDD-A362-00F65627284A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:mysql_enterprise_server:5.0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C003A85-4802-4B55-A7EA-5229A0FDEDB3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file."
    },
    {
      "lang": "es",
      "value": "MySQL Community Server versiones 5.0.x anteriores a 5.0.51, Enterprise Server versiones 5.0.x anteriores a 5.0.52, Server versiones 5.1.x anteriores a 5.1.23 y Server versiones 6.0.x anteriores a 6.0.4, cuando una tabla se basa en symlinks creados por medio de las opciones expl\u00edcitas DATA DIRECTORY e INDEX DIRECTORY, permite a los usuarios remotos autenticados sobrescribir la informaci\u00f3n de la tabla del sistema y alcanzar privilegios por medio de una sentencia RENAME TABLE que cambia el symlink para que apunte hacia un archivo existente."
    }
  ],
  "id": "CVE-2007-5969",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-12-10T19:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.mysql.com/32111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://forums.mysql.com/read.php?3%2C186931%2C186931"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://lists.mysql.com/announce/495"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27981"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28025"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28040"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28063"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28099"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28108"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28128"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28343"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28559"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28838"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29706"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1451"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26765"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019060"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4142"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4198"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0560/references"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1000/references"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1999"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/559-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.mysql.com/32111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://forums.mysql.com/read.php?3%2C186931%2C186931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://lists.mysql.com/announce/495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0560/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1000/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/559-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-34F4-QCWH-G2JJ

Vulnerability from github – Published: 2022-05-01 18:38 – Updated: 2025-04-09 03:49

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5969"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-12-10T19:46:00Z",
    "severity": "HIGH"
  },
  "details": "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.",
  "id": "GHSA-34f4-qcwh-g2jj",
  "modified": "2025-04-09T03:49:07Z",
  "published": "2022-05-01T18:38:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5969"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1999"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/559-1"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.mysql.com/32111"
    },
    {
      "type": "WEB",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"
    },
    {
      "type": "WEB",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"
    },
    {
      "type": "WEB",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"
    },
    {
      "type": "WEB",
      "url": "http://forums.mysql.com/read.php?3%2C186931%2C186931"
    },
    {
      "type": "WEB",
      "url": "http://forums.mysql.com/read.php?3,186931,186931"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.mysql.com/announce/495"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27981"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28025"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28040"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28063"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28099"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28108"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28128"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28343"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28559"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28838"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29706"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.428959"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1451"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26765"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019060"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4142"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4198"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0560/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1000/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-5969 (GCVE-0-2007-5969)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature