CVE-2006-7216 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-7216 Interim 1 11 2025-04-22T23:49:30Z current 2021-05-30T12:37:29Z 2025-04-22T23:49:30Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-7216 Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed derby-10.11.1.1-3.2 derby-10.3.1.4-1.16 derby-javadoc-10.11.1.1-3.2 derby-10.3.1.4-1.16 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 derby-10.11.1.1-3.2 as a component of openSUSE Tumbleweed derby-javadoc-10.11.1.1-3.2 as a component of openSUSE Tumbleweed Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables. CVE-2006-7216 SUSE Linux Enterprise Software Development Kit 11 SP4:derby-10.3.1.4-1.16 openSUSE Tumbleweed:derby-10.11.1.1-3.2 openSUSE Tumbleweed:derby-javadoc-10.11.1.1-3.2 low 4 AV:N/AC:L/Au:S/C:N/I:N/A:P