cbcvebase.
CVE-2007-5969
published 2007-12-10

CVE-2007-5969: MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table…

PriorityP336high7.1CVSS 2.0
AVNACHAuSCCICAC
EPSS
14.26%
96.1th percentile
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Affected

10 ranges
VendorProductVersion rangeFixed in
mysqlcommunity_server<= 5.0.50
mysqlcommunity_server
mysqlcommunity_server
mysqlcommunity_server
mysqlmysql_enterprise_server
mysqlmysql_server
mysqlmysql_server
mysqlmysql_server
mysqlmysql_server
mysqlmysql_server

CVSS provenance

nvdv2.07.1HIGHAV:N/AC:H/Au:S/C:C/I:C/A:C
vendor_redhat7.1HIGH
vendor_ubuntu4.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.