VYPR
Unrated severityNVD Advisory· Published May 16, 2007· Updated Jun 16, 2026

CVE-2007-2691

CVE-2007-2691

Description

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • MySQL/MySQL2 versions
    cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*range: <=4.1.22
    • (no CPE)range: <4.1.23, <5.0.42, <5.1.18
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

32

News mentions

0

No linked articles in our index yet.