CVE-2008-7247 in MySQLinfo

Summary

sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/25/2009

Disclosure

11/30/2009

Moderation

VulDB entry created

Entries

VDB-50960 (1)

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

6.3

EPSS

0.00245

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-7247
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-7247
CVE Details	https://www.cvedetails.com/cve/CVE-2008-7247/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!