Oracle Mysql version 5.1.9 : Security vulnerabilities, CVEs published in 2007

cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*

Copy

CVE-2007-2693

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

Max CVSS

3.5

EPSS Score

0.27%

Published

2007-05-16

Updated

2019-12-17

CVE-2007-2692

The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

Max CVSS

6.0

EPSS Score

1.45%

Published

2007-05-16

Updated

2019-12-17

CVE-2007-2583

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

Max CVSS

4.0

EPSS Score

0.28%

Published

2007-05-10

Updated

2021-11-08

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!