MySQL 4.0.23 and previous versions, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mysql mysql 4.1.10 |
||
mysql mysql 4.1.0 |
||
mysql mysql 4.1.3 |
||
oracle mysql 3.23.49 |
||
oracle mysql 4.0.0 |
||
oracle mysql 4.0.1 |
||
oracle mysql 4.0.2 |
||
oracle mysql 4.0.3 |
||
oracle mysql 4.0.4 |
||
oracle mysql 4.0.5 |
||
oracle mysql 4.0.5a |
||
oracle mysql 4.0.6 |
||
oracle mysql 4.0.7 |
||
oracle mysql 4.0.8 |
||
oracle mysql 4.0.9 |
||
oracle mysql 4.0.10 |
||
oracle mysql 4.0.11 |
||
oracle mysql 4.0.12 |
||
oracle mysql 4.0.13 |
||
oracle mysql 4.0.14 |
||
oracle mysql 4.0.15 |
||
oracle mysql 4.0.18 |
||
oracle mysql 4.0.20 |
||
oracle mysql 4.0.21 |
||
oracle mysql 4.0.23 |
||
oracle mysql 4.1.0 |
||
oracle mysql 4.1.2 |
||
oracle mysql 4.1.3 |
||
oracle mysql 4.1.4 |
||
oracle mysql 4.1.5 |