MySQL 3.x prior to 3.23.59, 4.x prior to 4.0.19, 4.1.x prior to 4.1.2, and 5.x prior to 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow malicious users to conduct unauthorized activities.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle mysql |
||
mysql mysql |
||
debian debian linux 3.0 |