{"api_version":"1","generated_at":"2026-05-13T11:01:01+00:00","cve":"CVE-2007-5969","urls":{"html":"https://cve.report/CVE-2007-5969","api":"https://cve.report/api/cve/CVE-2007-5969.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5969","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5969"},"summary":{"title":"CVE-2007-5969","description":"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-12-10 19:46:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.1","severity":"","vector":"AV:N/AC:H/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:C/I:C/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2008/0560/references","name":"http://www.vupen.com/english/advisories/2008/0560/references","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/4198","name":"http://www.vupen.com/english/advisories/2007/4198","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28099","name":"http://secunia.com/advisories/28099","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Red Hat update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/559-1/","name":"https://usn.ubuntu.com/559-1/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"USN-559-1: MySQL vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html","name":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL ::   MySQL 3.23, 4.0, 4.1 Reference Manual :: B.1.2 Changes in  MySQL 4.1.24 (01 March 2008)","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/32222","name":"http://secunia.com/advisories/32222","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2008/1000/references","name":"http://www.vupen.com/english/advisories/2008/1000/references","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28063","name":"http://secunia.com/advisories/28063","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"MySQL Security Issue and Two Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html","name":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL AB ::   MySQL 5.0 Reference Manual :: C.1.3 Release Notes for  MySQL Enterprise 5.0.52 [MRU] (30 Nov 2007)","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2008/2780","name":"http://www.vupen.com/english/advisories/2008/2780","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959","name":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27981","name":"http://secunia.com/advisories/27981","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"MySQL System Table Information Overwrite Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://forums.mysql.com/read.php?3%2C186931%2C186931","name":"http://forums.mysql.com/read.php?3%2C186931%2C186931","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL AB ::  MySQL 5.0.51 has been released","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"http://bugs.mysql.com/32111","name":"http://bugs.mysql.com/32111","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL Bugs: Access denied","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html","name":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[security-announce] SUSE Security Summary Report SUSE-SR:2008:003","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28040","name":"http://secunia.com/advisories/28040","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Mandriva update for MySQL - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1157.html","name":"http://www.redhat.com/support/errata/RHSA-2007-1157.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html","name":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28838","name":"http://secunia.com/advisories/28838","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"SUSE Update for Multiple Packages - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1019060","name":"http://www.securitytracker.com/id?1019060","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28343","name":"http://secunia.com/advisories/28343","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Debian update for mysql-dfsg-5.0 - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.apple.com/kb/HT3216","name":"http://support.apple.com/kb/HT3216","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"About Security Update 2008-007","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200804-04.xml","name":"http://security.gentoo.org/glsa/glsa-200804-04.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gentoo Linux Documentation\n--\n  MySQL: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/4142","name":"http://www.vupen.com/english/advisories/2007/4142","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html","name":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28559","name":"http://secunia.com/advisories/28559","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rPath update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28108","name":"http://secunia.com/advisories/28108","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Slackware update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.mysql.com/announce/495","name":"http://lists.mysql.com/announce/495","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"MySQL Lists: announce: MySQL 5.0.51 has been released","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28128","name":"http://secunia.com/advisories/28128","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Ubuntu update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/29706","name":"http://secunia.com/advisories/29706","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Gentoo update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2008/dsa-1451","name":"http://www.debian.org/security/2008/dsa-1451","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-1451-1 mysql-dfsg-5.0","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28025","name":"http://secunia.com/advisories/28025","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Fedora update for mysql - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","name":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"APPLE-SA-2008-10-09 Security Update 2008-007","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://issues.rpath.com/browse/RPL-1999","name":"https://issues.rpath.com/browse/RPL-1999","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securityfocus.com/bid/31681","name":"http://www.securityfocus.com/bid/31681","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/486477/100/0/threaded","name":"http://www.securityfocus.com/archive/1/486477/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/26765","name":"http://www.securityfocus.com/bid/26765","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL Server RENAME TABLE System Table Overwrite Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1155.html","name":"http://www.redhat.com/support/errata/RHSA-2007-1155.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html","name":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"MySQL AB ::   MySQL 5.0 Reference Manual :: D.1.1 Release Notes for  MySQL Community Server 5.0.51 (15 November 2007)","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://forums.mysql.com/read.php?3,186931,186931","name":"CONFIRM:http://forums.mysql.com/read.php?3,186931,186931","refsource":"MITRE","tags":[],"title":"MySQL AB ::  MySQL 5.0.51 has been released","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5969","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5969","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"community_server","cpe6":"5.0.41","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"community_server","cpe6":"5.0.44","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"community_server","cpe6":"5.0.45","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"5.0.50","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"community_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_enterprise_server","cpe6":"5.0.50","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_server","cpe6":"5.1.22","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_server","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_server","cpe6":"6.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_server","cpe6":"6.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5969","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mysql","cpe5":"mysql_server","cpe6":"6.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:47:00.554Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"28343","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28343"},{"name":"GLSA-200804-04","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-200804-04.xml"},{"name":"29706","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/29706"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugs.mysql.com/32111"},{"name":"oval:org.mitre.oval:def:10509","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"},{"name":"31681","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/31681"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"},{"name":"DSA-1451","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2008/dsa-1451"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"},{"name":"1019060","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1019060"},{"name":"ADV-2007-4142","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/4142"},{"name":"USN-559-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/559-1/"},{"name":"20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/486477/100/0/threaded"},{"name":"ADV-2008-1000","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/1000/references"},{"name":"SSA:2007-348-01","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959"},{"name":"ADV-2008-0560","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/0560/references"},{"name":"26765","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/26765"},{"name":"FEDORA-2007-4465","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"},{"name":"28040","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28040"},{"name":"RHSA-2007:1157","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2007-1157.html"},{"name":"28099","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28099"},{"name":"28559","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28559"},{"name":"32222","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/32222"},{"name":"27981","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27981"},{"name":"ADV-2007-4198","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/4198"},{"name":"FEDORA-2007-4471","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"},{"name":"[Announcements] 20071206 MySQL 5.0.51 has been released","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.mysql.com/announce/495"},{"name":"RHSA-2007:1155","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2007-1155.html"},{"name":"28108","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28108"},{"name":"28025","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28025"},{"name":"ADV-2008-2780","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://forums.mysql.com/read.php?3%2C186931%2C186931"},{"name":"28838","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28838"},{"name":"28128","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28128"},{"name":"MDKSA-2007:243","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"},{"name":"28063","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/28063"},{"name":"SUSE-SR:2008:003","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"},{"name":"APPLE-SA-2008-10-09","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.apple.com/kb/HT3216"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://issues.rpath.com/browse/RPL-1999"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-12-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-15T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"28343","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28343"},{"name":"GLSA-200804-04","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-200804-04.xml"},{"name":"29706","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/29706"},{"tags":["x_refsource_CONFIRM"],"url":"http://bugs.mysql.com/32111"},{"name":"oval:org.mitre.oval:def:10509","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"},{"name":"31681","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/31681"},{"tags":["x_refsource_CONFIRM"],"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"},{"name":"DSA-1451","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2008/dsa-1451"},{"tags":["x_refsource_CONFIRM"],"url":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"},{"name":"1019060","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1019060"},{"name":"ADV-2007-4142","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/4142"},{"name":"USN-559-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/559-1/"},{"name":"20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/486477/100/0/threaded"},{"name":"ADV-2008-1000","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/1000/references"},{"name":"SSA:2007-348-01","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959"},{"name":"ADV-2008-0560","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/0560/references"},{"name":"26765","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/26765"},{"name":"FEDORA-2007-4465","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"},{"name":"28040","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28040"},{"name":"RHSA-2007:1157","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2007-1157.html"},{"name":"28099","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28099"},{"name":"28559","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28559"},{"name":"32222","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/32222"},{"name":"27981","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27981"},{"name":"ADV-2007-4198","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/4198"},{"name":"FEDORA-2007-4471","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"},{"name":"[Announcements] 20071206 MySQL 5.0.51 has been released","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.mysql.com/announce/495"},{"name":"RHSA-2007:1155","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2007-1155.html"},{"name":"28108","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28108"},{"name":"28025","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28025"},{"name":"ADV-2008-2780","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"tags":["x_refsource_CONFIRM"],"url":"http://forums.mysql.com/read.php?3%2C186931%2C186931"},{"name":"28838","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28838"},{"name":"28128","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28128"},{"name":"MDKSA-2007:243","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"},{"name":"28063","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/28063"},{"name":"SUSE-SR:2008:003","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"},{"name":"APPLE-SA-2008-10-09","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.apple.com/kb/HT3216"},{"tags":["x_refsource_CONFIRM"],"url":"https://issues.rpath.com/browse/RPL-1999"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5969","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"28343","refsource":"SECUNIA","url":"http://secunia.com/advisories/28343"},{"name":"GLSA-200804-04","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200804-04.xml"},{"name":"29706","refsource":"SECUNIA","url":"http://secunia.com/advisories/29706"},{"name":"http://bugs.mysql.com/32111","refsource":"CONFIRM","url":"http://bugs.mysql.com/32111"},{"name":"oval:org.mitre.oval:def:10509","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509"},{"name":"31681","refsource":"BID","url":"http://www.securityfocus.com/bid/31681"},{"name":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html","refsource":"CONFIRM","url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html"},{"name":"DSA-1451","refsource":"DEBIAN","url":"http://www.debian.org/security/2008/dsa-1451"},{"name":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html","refsource":"CONFIRM","url":"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html"},{"name":"1019060","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1019060"},{"name":"ADV-2007-4142","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/4142"},{"name":"USN-559-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/559-1/"},{"name":"20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/486477/100/0/threaded"},{"name":"ADV-2008-1000","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/1000/references"},{"name":"SSA:2007-348-01","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959"},{"name":"ADV-2008-0560","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/0560/references"},{"name":"26765","refsource":"BID","url":"http://www.securityfocus.com/bid/26765"},{"name":"FEDORA-2007-4465","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html"},{"name":"28040","refsource":"SECUNIA","url":"http://secunia.com/advisories/28040"},{"name":"RHSA-2007:1157","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1157.html"},{"name":"28099","refsource":"SECUNIA","url":"http://secunia.com/advisories/28099"},{"name":"28559","refsource":"SECUNIA","url":"http://secunia.com/advisories/28559"},{"name":"32222","refsource":"SECUNIA","url":"http://secunia.com/advisories/32222"},{"name":"27981","refsource":"SECUNIA","url":"http://secunia.com/advisories/27981"},{"name":"ADV-2007-4198","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/4198"},{"name":"FEDORA-2007-4471","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html"},{"name":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html","refsource":"CONFIRM","url":"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html"},{"name":"[Announcements] 20071206 MySQL 5.0.51 has been released","refsource":"MLIST","url":"http://lists.mysql.com/announce/495"},{"name":"RHSA-2007:1155","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1155.html"},{"name":"28108","refsource":"SECUNIA","url":"http://secunia.com/advisories/28108"},{"name":"28025","refsource":"SECUNIA","url":"http://secunia.com/advisories/28025"},{"name":"ADV-2008-2780","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/2780"},{"name":"http://forums.mysql.com/read.php?3,186931,186931","refsource":"CONFIRM","url":"http://forums.mysql.com/read.php?3,186931,186931"},{"name":"28838","refsource":"SECUNIA","url":"http://secunia.com/advisories/28838"},{"name":"28128","refsource":"SECUNIA","url":"http://secunia.com/advisories/28128"},{"name":"MDKSA-2007:243","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:243"},{"name":"28063","refsource":"SECUNIA","url":"http://secunia.com/advisories/28063"},{"name":"SUSE-SR:2008:003","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"},{"name":"APPLE-SA-2008-10-09","refsource":"APPLE","url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"name":"http://support.apple.com/kb/HT3216","refsource":"CONFIRM","url":"http://support.apple.com/kb/HT3216"},{"name":"https://issues.rpath.com/browse/RPL-1999","refsource":"CONFIRM","url":"https://issues.rpath.com/browse/RPL-1999"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5969","datePublished":"2007-12-10T19:00:00.000Z","dateReserved":"2007-11-14T00:00:00.000Z","dateUpdated":"2024-08-07T15:47:00.554Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-12-10 19:46:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:C/I:C/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_server:5.1.22:*:*:*:*:*:*:*","matchCriteriaId":"BB22F327-7795-4B25-B40E-5684F2A5B0BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"0714FFD1-72F8-40DA-8BD9-80A160B4EBE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_server:6.0.1:*:*:*:*:*:*:*","matchCriteriaId":"5B02C419-7843-4400-9223-B9632A183FCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_server:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"A9FF4637-F6CF-40FD-AE36-EA8B9C1ECBB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_server:6.0.3:*:*:*:*:*:*:*","matchCriteriaId":"4DF9852D-A35F-49A8-9886-49991DD864F2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:community_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.0.50","matchCriteriaId":"8ED15232-83F0-4A63-8E8B-79B0C2BF80F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:community_server:5.0.41:*:*:*:*:*:*:*","matchCriteriaId":"5FAA5C79-6D2D-45BF-A392-0EA4F9D3C727"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:community_server:5.0.44:*:*:*:*:*:*:*","matchCriteriaId":"9E670333-0E50-42D5-8D67-B1F565FFD59A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:community_server:5.0.45:*:*:*:*:*:*:*","matchCriteriaId":"9C576BBB-9A3B-4BDD-A362-00F65627284A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mysql:mysql_enterprise_server:5.0.50:*:*:*:*:*:*:*","matchCriteriaId":"7C003A85-4802-4B55-A7EA-5229A0FDEDB3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5969","Ordinal":"1","Title":"CVE-2007-5969","CVE":"CVE-2007-5969","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5969","Ordinal":"1","NoteData":"MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.","Type":"Description","Title":"CVE-2007-5969"},{"CveYear":"2007","CveId":"5969","Ordinal":"2","NoteData":"2007-12-10","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5969","Ordinal":"3","NoteData":"2018-10-15","Type":"Other","Title":"Modified"}]}}}