MySQL Enterprise Server v.5.0.52 multiple vulnerabilities

  • The MySQL Enterprise Server is affected by multiple vulnerabilities.
    1. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information.
    2. ALTER VIEW retained the original DEFINER value, even when altered by another user, which could allow that user to gain the access rights of the view.
    3. When using a FEDERATED table, the local server can be forced to crash if the remote server returns a result with fewer columns than expected.
  • Upgrade the MySQL Enterprise Server tot the latest version.