Description

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Remediation

References

CVE-2005-0711

Related Vulnerabilities

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5333)

WebLogic CVE-2021-2403 Vulnerability (CVE-2021-2403)

WordPress Plugin WooCommerce Object Injection (2.3.10)

WordPress Plugin IP Ban Cross-Site Request Forgery (1.2.3)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)

Severity

Low

Classification

CVE-2005-0711

Tags

Missing Update Known Vulnerabilities