CVE-2010-1626
UnknownEPSS 0.49%
Last modified
CVE-2010-1626 is a vulnerability of currently unknown severity. MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.. EPSS estimates a 0.49% chance of exploitation in the next 30 days.
Description
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mysql | Mysql | <= 5.1.45 |
| Mysql | Mysql | 5.0.5.0.21 |
| Mysql | Mysql | 5.0.15 |
| Mysql | Mysql | 5.0.16 |
| Mysql | Mysql | 5.0.17 |
| Mysql | Mysql | 5.0.20 |
| Mysql | Mysql | 5.0.24 |
| Mysql | Mysql | 5.0.45b |
| Mysql | Mysql | 5.0.82 |
| Mysql | Mysql | 5.0.84 |
| Mysql | Mysql | 5.0.87 |
| Mysql | Mysql | 5.1.5 |
| Mysql | Mysql | 5.1.23 |
| Mysql | Mysql | 5.1.31 |
| Mysql | Mysql | 5.1.32 |
| Mysql | Mysql | 5.1.34 |
| Mysql | Mysql | 5.1.37 |
| Oracle | Mysql | 5.0.18 |
| Oracle | Mysql | 5.0.19 |
| Oracle | Mysql | 5.0.21 |
| Oracle | Mysql | 5.0.22 |
| Oracle | Mysql | 5.0.23 |
| Oracle | Mysql | 5.0.27 |
| Oracle | Mysql | 5.0.33 |
| Oracle | Mysql | 5.0.37 |
| Oracle | Mysql | 5.0.41 |
| Oracle | Mysql | 5.0.45 |
| Oracle | Mysql | 5.0.51 |
| Oracle | Mysql | 5.0.67 |
| Oracle | Mysql | 5.0.75 |
| Oracle | Mysql | 5.0.77 |
| Oracle | Mysql | 5.0.81 |
| Oracle | Mysql | 5.0.83 |
| Oracle | Mysql | 5.0.85 |
| Oracle | Mysql | 5.0.86 |
| Oracle | Mysql | 5.0.88 |
| Oracle | Mysql | 5.0.89 |
| Oracle | Mysql | 5.0.90 |
| Oracle | Mysql | 5.0.91 |
| Oracle | Mysql | 5.1.30 |
| Oracle | Mysql | 5.1.33 |
| Oracle | Mysql | 5.1.35 |
| Oracle | Mysql | 5.1.36 |
| Oracle | Mysql | 5.1.38 |
| Oracle | Mysql | 5.1.39 |
| Oracle | Mysql | 5.1.40 |
| Oracle | Mysql | 5.1.41 |
| Oracle | Mysql | 5.1.42 |
| Oracle | Mysql | 5.1.43 |
| Oracle | Mysql | 5.1.44 |
References
- http://www.vupen.com/english/advisories/2010/1194Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1194Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-1626?
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
How severe is CVE-2010-1626?
Severity scoring for CVE-2010-1626 is pending analysis. The EPSS model estimates a 0.49% probability of exploitation in the next 30 days.
How do I fix CVE-2010-1626?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2010-1626?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST