2.1

CVE-2005-0711

Exploit
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Version4.1.0
MysqlMysql Version4.1.3
MysqlMysql Version4.1.10
OracleMysql Version3.23.49
OracleMysql Version4.0.0
OracleMysql Version4.0.1
OracleMysql Version4.0.2
OracleMysql Version4.0.3
OracleMysql Version4.0.4
OracleMysql Version4.0.5
OracleMysql Version4.0.5a
OracleMysql Version4.0.6
OracleMysql Version4.0.7
OracleMysql Version4.0.7 Updategamma
OracleMysql Version4.0.8
OracleMysql Version4.0.8 Updategamma
OracleMysql Version4.0.9
OracleMysql Version4.0.9 Updategamma
OracleMysql Version4.0.10
OracleMysql Version4.0.11
OracleMysql Version4.0.11 Updategamma
OracleMysql Version4.0.12
OracleMysql Version4.0.13
OracleMysql Version4.0.14
OracleMysql Version4.0.15
OracleMysql Version4.0.18
OracleMysql Version4.0.20
OracleMysql Version4.0.21
OracleMysql Version4.0.23
OracleMysql Version4.1.0 Updatealpha
OracleMysql Version4.1.2 Updatealpha
OracleMysql Version4.1.3 Updatebeta
OracleMysql Version4.1.4
OracleMysql Version4.1.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.7% 0.743
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://www.debian.org/security/2005/dsa-707
Exploit
http://www.trustix.org/errata/2005/0009/
Patch
http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2005:060
http://www.novell.com/linux/security/advisories/2005_19_mysql.html
Patch
http://www.redhat.com/support/errata/RHSA-2005-334.html
Patch
http://www.redhat.com/support/errata/RHSA-2005-348.html
http://www.securityfocus.com/bid/12781
Patch
https://usn.ubuntu.com/96-1/
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html
Exploit
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591