CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0CVE-2007-6313
https://notcve.org/view.php?id=CVE-2007-6313
18 Feb 2008 — MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements. MySQL Server 5.1.x antes de 5.1.23 y 6.0.x antes de 6.0.4 no comprueba los privilegios de entidad ejecutando BINLOG, lo que permite a usuarios autorizados remotamente ejecutar sentencias BINLOG de su elección. • http://bugs.mysql.com/31611 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 1CVE-2007-5969 – mysql: possible system table information overwrite using symlinks
https://notcve.org/view.php?id=CVE-2007-5969
10 Dec 2007 — MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. MySQL Community Server versiones 5.0.x anteriores a 5.0.51, Enterprise Server versiones 5.0.x... • http://bugs.mysql.com/32111 • CWE-264: Permissions, Privileges, and Access Controls •