Description

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

Remediation

References

CVE-2005-2573

Related Vulnerabilities

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.15)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Cross-Site Scripting Vulnerabilities (1.8.4.2)

WebLogic CVE-2022-21292 Vulnerability (CVE-2022-21292)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9854)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379)

Severity

Medium

Classification

CVE-2005-2573

Tags

Missing Update Known Vulnerabilities