CVE-2007-6304

Advisory lineage Upstream: 0 Downstream: 4

Downstream

DSA-1451-1 OPENSUSE-SU-2024:11038-1 SUSE-RU-2023:3956-1 SUSE-RU-2023:4991-1

Modified

Published: 10 Dec 2007, 21:00

Last modified:07 Aug 2024, 16:02

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

5 MEDIUM

v2.0 (nvd)

EPSS Score

4.92% LOW

5% probability +0.08%

KEV

Not listed

Ransomware

No reports

Public exploits

1 found

Dark Web

Not detected

Timeline

10 Dec 2007, 21:00

Published

Vulnerability first disclosed

07 Aug 2024, 16:02

Last Modified

Vulnerability information updated

Description

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

CVSS Metrics

v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 4.92%• Percentile: 90%

Affected Systems

mysql•mysql
5.0.0 | 5.0.1 | 5.0.2 | 5.0.3 | 5.0.4 | 5.0.5 | 5.0.5.0.21 | 5.0.10 | 5.0.15 | 5.0.16 | 5.0.17 | 5.0.20 | 5.0.22.1.0.1 | 5.0.24
oracle•mysql
5.0.0:alpha | 5.0.3:beta | 5.0.6 | 5.0.7 | 5.0.8 | 5.0.9 | 5.0.11 | 5.0.12 | 5.0.13 | 5.0.14 | 5.0.18 | 5.0.19 | 5.0.21 | 5.0.22 | 5.0.27 | 5.0.33 | 5.0.37 | 5.0.41 | 5.1.1 | 5.1.2 | 5.1.10 | 5.1.11 | 5.1.12 | 5.1.13 | 5.1.14 | 5.1.15 | 5.1.16 | 5.1.17 | 6.0.0 | 6.0.1 | 6.0.2 | 6.0.3