CVE-2006-4226

Advisory lineage Upstream: 0 Downstream: 6

Downstream

DSA-1169 OPENSUSE-SU-2024:11038-1 RHSA-2007:0083 RHSA-2007:0152 SUSE-RU-2023:3956-1 SUSE-RU-2023:4991-1

Modified

Published: 18 Aug 2006, 19:55

Last modified:07 Aug 2024, 18:57

Vulnerability Summary

Overall Risk (default)

medium

25/100

CVSS Score

3.6 LOW

v2.0 (nvd)

EPSS Score

0.61% LOW

1% probability -0.20%

KEV

Not listed

Ransomware

No reports

Public exploits

3 found

Dark Web

Not detected

Timeline

18 Aug 2006, 19:55

Published

Vulnerability first disclosed

07 Aug 2024, 18:57

Last Modified

Vulnerability information updated

Description

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

CVSS Metrics

v2.0•LOW•Score: 3.6AV:N/AC:H/Au:S/C:P/I:P/A:N

EPSS Trends

Current EPSS score: 0.61%• Percentile: 70%

Affected Systems

mysql•mysql
4.1.0 | 4.1.2 | 4.1.3 | 4.1.8 | 4.1.10 | 4.1.12 | 4.1.13 | 4.1.14 | 4.1.15 | 5.0.0 | 5.0.1 | 5.0.2 | 5.0.3 | 5.0.4 | 5.0.5 | 5.0.5.0.21 | 5.0.10 | 5.0.15 | 5.0.16 | 5.0.17 | 5.0.20 | 5.0.22.1.0.1 | 5.1.5
oracle•mysql
4.0.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.0.5 | 4.0.5a | 4.0.6 | 4.0.7 | 4.0.7:gamma | 4.0.8 | 4.0.8:gamma | 4.0.9 | 4.0.9:gamma | 4.0.10 | 4.0.11 | 4.0.11:gamma | 4.0.12 | 4.0.13 | 4.0.14 | 4.0.15 | 4.0.16 | 4.0.17 | 4.0.18 | 4.0.19 | 4.0.20 | 4.0.21 | 4.0.23 | 4.0.24 | 4.0.25 | 4.0.26 | 4.0.27 | 4.1.0:alpha | 4.1.1 | 4.1.2:alpha | 4.1.3:beta | 4.1.4 | 4.1.5 | 4.1.6 | 4.1.7 | 4.1.9 | 4.1.11 | 4.1.16 | 4.1.17 | 4.1.18 | 4.1.19 | 4.1.20 | 4.1.21 | 5.0.0:alpha | 5.0.3:beta | 5.0.6 | 5.0.7 | 5.0.8 | 5.0.9 | 5.0.11 | 5.0.12 | 5.0.13 | 5.0.14 | 5.0.18 | 5.0.19 | 5.0.21 | 5.0.22 | 5.1.1 | 5.1.2 | 5.1.3 | 5.1.4 | 5.1.6 | 5.1.7 | 5.1.8 | 5.1.9 | 5.1.10 | 5.1.11