CVE-2007-2693 | Vulnerability Database | Aqua Security

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

Affected Software

Name	Vendor	Start Version	End Version
Mysql	Mysql	5.1.5 (including)	5.1.5 (including)
Mysql	Oracle	5.1.6 (including)	5.1.6 (including)
Mysql	Oracle	5.1.9 (including)	5.1.9 (including)
Mysql	Oracle	5.1.10 (including)	5.1.10 (including)
Mysql	Oracle	5.1.11 (including)	5.1.11 (including)
Mysql	Oracle	5.1.12 (including)	5.1.12 (including)
Mysql	Oracle	5.1.13 (including)	5.1.13 (including)
Mysql	Oracle	5.1.14 (including)	5.1.14 (including)
Mysql	Oracle	5.1.15 (including)	5.1.15 (including)
Mysql	Oracle	5.1.16 (including)	5.1.16 (including)
Mysql	Oracle	5.1.17 (including)	5.1.17 (including)

References

http://bugs.mysql.com/bug.php?id=23675
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html
http://secunia.com/advisories/25301
http://www.securityfocus.com/bid/24008
http://www.securitytracker.com/id?1018071
http://www.vupen.com/english/advisories/2007/1804
https://exchange.xforce.ibmcloud.com/vulnerabilities/34349

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2693
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html