VDB
CVE-2007-6303
CVE-2007-6303
PUBLISHED
Reported by mitre · Published December 10, 2007
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a, n/a |
Exploit Intelligence
- http://bugs.mysql.com/bug.php?id=29908 (vulncheck-nvd)
Timeline
- Dec 10, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- GLSA-200804-04 vendor-advisoryx_refsource_GENTOO
- 29706 third-party-advisoryx_refsource_SECUNIA
- mysql-definer-value-privilege-escalation(38989) vdb-entryx_refsource_XF
- 29443 third-party-advisoryx_refsource_SECUNIA
- MDVSA-2008:017 vendor-advisoryx_refsource_MANDRIVA
- x_refsource_CONFIRM
- FEDORA-2007-4465 vendor-advisoryx_refsource_FEDORA
- RHSA-2007:1157 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- ADV-2007-4198 vdb-entryx_refsource_VUPEN
- FEDORA-2007-4471 vendor-advisoryx_refsource_FEDORA
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- 26832 vdb-entryx_refsource_BID
- 1019085 vdb-entryx_refsource_SECTRACK
- 28025 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- 20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server mailing-listx_refsource_BUGTRAQ
…and 5 more