CVE-2007-2693 — Mysql vulnerability

7 documents5 sources

Severity

3.5LOWNVD

EPSS

0.4%

top 42.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedMay 16

Latest updateMay 1

Description

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

▶NVDmysql/mysql5.1.5

▶NVDoracle/mysql10 versions+9

Patches

Patch: bugs.mysql.com ↗Patch: dev.mysql.com ↗Patch: bugs.mysql.com ↗

🔴Vulnerability Details

GHSA

GHSA-3jwg-934c-hf4r: MySQL before 5↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

LibTIFF - '_TIFFVGetField (tiffsplit)' Out-of-Bounds Read↗2017-07-06

▶

📋Vendor Advisories

Red Hat

An error message discloses sensitive information to user without SELECT privilege↗2007-05-17

▶

💬Community

Bugzilla

CVE-2007-2691 CVE-2007-2692 CVE-2007-2693 mysql various flaws [FC6]↗2007-06-13

▶

Bugzilla

CVE-2007-2691 CVE-2007-2692 CVE-2007-2693 mysql various flaws [F7]↗2007-06-13

▶

Bugzilla

CVE-2007-2693 An error message discloses sensitive information to user without SELECT privilege↗2007-05-29

▶