Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6313

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2007-6313
Last Modified 07 Mar 2011 10:02:24
Published 18 Feb 2008 06:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-6313

Summary

MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.

Vulnerable Systems

Application

  • Mysql Community Server 5.1.1

  • Mysql Community Server 5.1.10

  • Mysql Community Server 5.1.11

  • Mysql Community Server 5.1.12

  • Mysql Community Server 5.1.13

  • Mysql Community Server 5.1.14

  • Mysql Community Server 5.1.15

  • Mysql Community Server 5.1.16

  • Mysql Community Server 5.1.17

  • Mysql Community Server 5.1.18

  • Mysql Community Server 5.1.19

  • Mysql Community Server 5.1.2

  • Mysql Community Server 5.1.20

  • Mysql Community Server 5.1.21

  • Mysql Community Server 5.1.22

  • Mysql Community Server 5.1.3

  • Mysql Community Server 5.1.4

  • Mysql Community Server 5.1.5

  • Mysql Community Server 5.1.6

  • Mysql Community Server 5.1.7

  • Mysql Community Server 5.1.8

  • Mysql Community Server 5.1.9

  • Mysql Community Server 6.0.0

  • Mysql Community Server 6.0.1

  • Mysql Community Server 6.0.2

  • Mysql Community Server 6.0.3


References

VUPEN - ADV-2008-0560

SECTRACK - 1019083

OSVDB - 43179

CONFIRM - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html

CONFIRM - http://bugs.mysql.com/31611


Last Updated: 27 May 2016 10:46:28