« List of all CVEs

CVE-2007-2691

Published: 5/16/2007 Last updated: 8/7/2024 Reserved: 5/15/2007

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-mysql

Products affected (1)

Product Vendor Version
n/a n/a 7.1(3)N1(3)

References (64)