4.6

CVE-2008-4097

MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleMysql Version5.0.51a
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.85% 0.763
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:N/AC:H/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
Third Party Advisory
http://secunia.com/advisories/32759
Vendor Advisory
http://secunia.com/advisories/32769
Broken Link
Not Applicable
http://www.ubuntu.com/usn/USN-671-1
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
Broken Link
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/09/20
Mailing List
http://www.openwall.com/lists/oss-security/2008/09/16/3
Mailing List
https://exchange.xforce.ibmcloud.com/vulnerabilities/45648
VDB Entry