Vulnerability Description
MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| MySQL | MySQL Community Server | 5.1.1 |
References
- http://bugs.mysql.com/31611
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
- http://osvdb.org/43179
- http://www.securitytracker.com/id?1019083
- http://www.vupen.com/english/advisories/2008/0560/references
FAQ
What is CVE-2007-6313?
CVE-2007-6313 is a vulnerability with a CVSS score of 6.5 (MEDIUM). MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
How severe is CVE-2007-6313?
CVE-2007-6313 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-6313?
Check the references section above for vendor advisories and patch information. Affected products include MySQL Community Server.