Schema Privilege Bypass in Apache Derby by The Apache Software Foundation
CVE-2006-7217

Currently unrated

Key Information:

Vendor

Apache
Status
Derby
Vendor
CVE Published:
5 July 2007

What is CVE-2006-7217?

Apache Derby versions prior to 10.2.1.6 does not correctly ascertain the schema privilege requirements during the DropSchemaNode bind phase. This oversight permits remote authenticated users to execute unauthorized drop schema statements when operating in SQL authorization mode, compromising the database's integrity and potentially leading to severe data loss.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/linux/security/advisories/suse_secu...
vendor-advisoryx_refsource_SUSE
http://db.apache.org/derby/releases/release-10.2.1.6.html
x_refsource_CONFIRM
http://issues.apache.org/jira/browse/DERBY-1858
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.