CVE-2006-7217 in Apache Derbyinfo

Summary

Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.

Reservation

07/05/2007

Disclosure

07/05/2007

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
37647Apache Derby Authorization
 
Not definedOfficial fixCVE-2006-7217

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!