CVE-2005-0004

medium

Description

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

References

Advisories
More

https://exchange.xforce.ibmcloud.com/vulnerabilities/18922

http://www.securityfocus.com/bid/12277

http://marc.info/?l=bugtraq&m=110608297217224&w=2

http://lists.mysql.com/internals/20600

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947

http://www.debian.org/security/2005/dsa-647

http://secunia.com/advisories/13867

Details

Source: Mitre, NVD

Published: 2005-04-14

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N