MySQL Server Remote Execution Vulnerability in 5.1.x and 6.0.x
CVE-2007-6313

Currently unrated

Key Information:

Vendor

Mysql

Status
Mysql Community Server
Vendor
CVE Published:
18 February 2008

What is CVE-2007-6313?

MySQL Server versions 5.1.x before 5.1.23 and 6.0.x before 6.0.4 are impacted by a vulnerability that fails to properly check the permissions of users executing BINLOG statements. This oversight allows remote authorized users to execute arbitrary BINLOG commands, potentially compromising the integrity and operation of the database. Administrators are advised to review the applicable updates and implement necessary security measures to mitigate the risk associated with this vulnerability.

References

http://osvdb.org/43179
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2008/0560/references
vdb-entryx_refsource_VUPEN
http://bugs.mysql.com/31611
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.