4.6

CVE-2008-4097

EPSS 0.72%
Veröffentlicht 18.09.2008 15:04:27
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Mysql Version5.0.51a

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.72%	0.701

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:N/AC:H/Au:S/C:P/I:P/A:P

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

Third Party Advisory

http://secunia.com/advisories/32759

Vendor Advisory

http://secunia.com/advisories/32769

Broken Link

Not Applicable

http://www.ubuntu.com/usn/USN-671-1

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2009:094

Broken Link

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25

Third Party Advisory

http://www.openwall.com/lists/oss-security/2008/09/09/20

Mailing List

http://www.openwall.com/lists/oss-security/2008/09/16/3

Mailing List

https://exchange.xforce.ibmcloud.com/vulnerabilities/45648

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-4097

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4097

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4097

EUVD