Vulnerability Details : CVE-2010-1848
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Vulnerability category: Directory traversal
Threat overview for CVE-2010-1848
Top countries where our scanners detected CVE-2010-1848
Top open port discovered on systems with this issue
3306
IPs affected by CVE-2010-1848 16,576
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-1848!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-1848
Probability of exploitation activity in the next 30 days: 0.44%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 71 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-1848
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2010-1848
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-1848
-
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html
MySQL :: Page Not Found
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7210
Repository / Oval Repository
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10258
Repository / Oval Repository
-
http://securitytracker.com/id?1024031
MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTracker
-
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Apple - Lists.apple.com
-
http://www.redhat.com/support/errata/RHSA-2010-0442.html
Support
-
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:019
-
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
MySQL :: Page Not Found
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:107
mandriva.com
-
http://support.apple.com/kb/HT4435
We're sorry.
-
http://lists.mysql.com/commits/107532
MySQL Lists: commits: bzr commit into mysql-5.0 branch (sunanda.menon:2862) Bug#53371
-
http://www.ubuntu.com/usn/USN-1397-1
USN-1397-1: MySQL vulnerabilities | Ubuntu security notices
-
http://bugs.mysql.com/bug.php?id=53371
MySQL Bugs: #53371: Parent directory entry ("..") can be abused to bypass table level grants.
-
http://www.redhat.com/support/errata/RHSA-2010-0824.html
Support
-
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:021
Products affected by CVE-2010-1848
- cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.67:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.85:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.86:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.88:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.89:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.90:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.91:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.34:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.84:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.37:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.87:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.45b:*:*:*:*:*:*:*