← Back

CVE-2005-0004

nvd nist
Published: Apr 14, 2005Modified: Apr 16, 2026

JSON object

Loading...
4.6
Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 3.9 / Impact: 6.4
Source: NVD

Description

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

Affected (5)

Oracle
1 product
Mysql
Debian
1 product
Debian Linux
Mariadb
1 product
Mariadb
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Mysql
From 4.0.0 to 4.0.23
Mysql
From 4.1.0 to 4.1.10
Mysql
From 5.0.0 to 5.0.3
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 3.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Mariadb
From 5.5.0 to 5.5.66

Related CWEs

CWE-59
Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (20)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
PatchThird Party AdvisoryVDB EntryVendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.