CVE-2005-0004

medium

Description

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18922

http://www.securityfocus.com/bid/12277

http://www.debian.org/security/2005/dsa-647

http://secunia.com/advisories/13867

http://marc.info/?l=bugtraq&m=110608297217224&w=2

http://lists.mysql.com/internals/20600

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947

Details

Source: Mitre, NVD

Published: 2005-04-14

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium