CVE-2006-4227
Description
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routines definer instead of the routines caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
12.486
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities affected in Mysql 5.1.9 | Windows |
| Multiple vulnerabilities affected in Mysql 5.1.9 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234