VDB
CVE-2006-4227
CVE-2006-4227
PUBLISHED
Reported by mitre · Published August 18, 2006
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, *, n/a |
Exploit Intelligence
- http://bugs.mysql.com/bug.php?id=18630 (vulncheck-nvd)
- http://www.securityfocus.com/bid/19559 (vulncheck-nvd)
Timeline
- Aug 18, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 22, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- mysql-grant-execute-privilege-escalation(28442) vdb-entryx_refsource_XF
- ADV-2006-3306 vdb-entryx_refsource_VUPEN
- SUSE-SR:2006:023 vendor-advisoryx_refsource_SUSE
- oval:org.mitre.oval:def:10105 vdb-entrysignaturex_refsource_OVAL
- USN-338-1 vendor-advisoryx_refsource_UBUNTU
- 21506 third-party-advisoryx_refsource_SECUNIA
- 19559 vdb-entryx_refsource_BID
- 22080 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- 21770 third-party-advisoryx_refsource_SECUNIA
- 30351 third-party-advisoryx_refsource_SECUNIA
- 1016709 vdb-entryx_refsource_SECTRACK
- RHSA-2007:0083 vendor-advisoryx_refsource_REDHAT
- RHSA-2008:0364 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- [commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630 mailing-listx_refsource_MLIST