Published: 10/12/2007 Updated: 17/12/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The federated engine in MySQL 5.0.x prior to 5.0.51a, 5.1.x prior to 5.1.23, and 6.0.x prior to 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql 5.0.11
mysql mysql 5.0.17
oracle mysql 5.0.21
oracle mysql 5.0.22
oracle mysql 5.0.37
oracle mysql 5.0.7
oracle mysql 5.0.8
oracle mysql 5.1.15
oracle mysql 5.1.16
mysql mysql 5.0.1
mysql mysql 5.0.10
mysql mysql 5.0.16
mysql mysql 5.0.20
oracle mysql 5.0.3
oracle mysql 5.0.33
mysql mysql 5.0.5.0.21
oracle mysql 5.0.6
oracle mysql 5.1.13
oracle mysql 5.1.14
oracle mysql 6.0.2
oracle mysql 6.0.3
oracle mysql 5.0.0
oracle mysql 5.0.14
mysql mysql 5.0.15
oracle mysql 5.0.19
mysql mysql 5.0.2
oracle mysql 5.0.27
mysql mysql 5.0.3
mysql mysql 5.0.5
oracle mysql 5.1.11
oracle mysql 5.1.12
oracle mysql 6.0.0
oracle mysql 6.0.1
mysql mysql 5.0.0
oracle mysql 5.0.12
oracle mysql 5.0.13
oracle mysql 5.0.18
mysql mysql 5.0.22.1.0.1
mysql mysql 5.0.24
mysql mysql 5.0.4
oracle mysql 5.0.41
oracle mysql 5.0.9
oracle mysql 5.1.1
oracle mysql 5.1.10
oracle mysql 5.1.17
oracle mysql 5.1.2

Joe Gallo and Artem Russakovskii discovered that the InnoDB engine in MySQL did not properly perform input validation An authenticated user could use a crafted CONTAINS statement to cause a denial of service (CVE-2007-5925) ...

Several local/remote vulnerabilities have been discovered in the MySQL database server The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3781 It was discovered that the privilege validation for the source table of CREATE TABLE LIKE statements was insufficiently enforced, which might lea ...

NVD-CWE-Other http://bugs.mysql.com/bug.php?id=29801 http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html http://www.debian.org/security/2008/dsa-1451 http://www.securityfocus.com/bid/26832 http://securitytracker.com/id?1019085 http://secunia.com/advisories/28063 http://secunia.com/advisories/28128 http://secunia.com/advisories/28343 http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 http://lists.mysql.com/announce/502 https://issues.rpath.com/browse/RPL-2187 http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 http://secunia.com/advisories/28637 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://secunia.com/advisories/28739 http://secunia.com/advisories/28838 http://security.gentoo.org/glsa/glsa-200804-04.xml http://secunia.com/advisories/29706 http://www.vupen.com/english/advisories/2007/4198 http://osvdb.org/42609 https://exchange.xforce.ibmcloud.com/vulnerabilities/38990 https://usn.ubuntu.com/559-1/http://www.securityfocus.com/archive/1/487606/100/0/threaded https://usn.ubuntu.com/559-1/https://nvd.nist.gov

CVE-2007-6304

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect