Vulnerability Details : CVE-2007-6304

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

Vulnerability category: Denial of service

Published 2007-12-10 21:46:00

Updated 2019-12-17 20:16:23

Source MITRE

View at NVD, CVE.org

Threat overview for CVE-2007-6304

Top countries where our scanners detected CVE-2007-6304

Top open port discovered on systems with this issue 3306

IPs affected by CVE-2007-6304 1,524

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2007-6304!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2007-6304

Probability of exploitation activity in the next 30 days: 1.46%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6304

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

Vendor statements for CVE-2007-6304

Red Hat 2007-12-14

Not vulnerable. The MySQL versions as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 do not support federated storage engine. The MySQL package as shipped in Red Hat Enterprise Linux 5, Red Hat Application Stack v1, and Red Hat Application Stack v2 are not compiled with support for federated storage engine.

References for CVE-2007-6304

Products affected by CVE-2007-6304

Oracle » Mysql » Version: 5.0.33
cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.0 Update Alpha
cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.18
cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.12
cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.13
cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.3 Update Beta
cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.14
cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.6
cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.7
cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.8
cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.9
cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.11
cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.19
cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.21
cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.10
cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.11
cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.22
cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.1
cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.2
cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.41
cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.27
cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.15
cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.16
cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.12
cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.17
cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.13
cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.1.14
cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.37
cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 6.0.2
cpe:2.3:a:oracle:mysql:6.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 6.0.3
cpe:2.3:a:oracle:mysql:6.0.3:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 6.0.0
cpe:2.3:a:oracle:mysql:6.0.0:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 6.0.1
cpe:2.3:a:oracle:mysql:6.0.1:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.1
cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.2
cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.3
cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.4
cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.15
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.5
cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.16
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.17
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.10
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.20
cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.0
cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.5.0.21
cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.22.1.0.1
cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.24
cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*
Matching versions