Lucene search

K

MitreCVELIST:CVE-2006-4227

HistoryAug 18, 2006 - 7:55 p.m.

CVE-2006-4227

2006-08-1819:55:00

mitre

www.cve.org

1

6.2 Medium

AI Score

Confidence

Low

0.08 Low

EPSS

Percentile

94.3%

MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine’s definer instead of the routine’s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.

References

bugs.mysql.com/bug.php?id=18630

dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html

lists.mysql.com/commits/7918

secunia.com/advisories/21506

secunia.com/advisories/21770

secunia.com/advisories/22080

secunia.com/advisories/30351

securitytracker.com/id?1016709

www.novell.com/linux/security/advisories/2006_23_sr.html

www.redhat.com/support/errata/RHSA-2007-0083.html

www.redhat.com/support/errata/RHSA-2008-0364.html

www.securityfocus.com/bid/19559

www.ubuntu.com/usn/usn-338-1

www.vupen.com/english/advisories/2006/3306

exchange.xforce.ibmcloud.com/vulnerabilities/28442

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105

6.2 Medium

AI Score

Confidence

Low

0.08 Low

EPSS

Percentile

94.3%

Related for CVELIST:CVE-2006-4227

freebsd1 nvd1 ubuntucve1 veracode1 openvas6 cve1 nessus8 ubuntu1 redhat2 oraclelinux1