Описание
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 5.1.47-1ubuntu1 |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | not-affected | 5.1.47-1ubuntu1 |
| natty | not-affected | 5.1.47-1ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.0.22-0ubuntu6.06.14 |
| devel | DNE | |
| hardy | released | 5.0.51a-3ubuntu5.7 |
| jaunty | released | 5.1.30really5.0.75-0ubuntu10.5 |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 5.0.91 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | ignored | end of life |
| karmic | released | 5.1.37-1ubuntu5.4 |
| lucid | released | 5.1.41-3ubuntu12.3 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 5.1.47 |
Показывать по
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
EPSS
6.5 Medium
CVSS2