MySQL 4.0.23 and previous versions, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle mysql 4.0.0 |
||
oracle mysql 4.0.1 |
||
oracle mysql 4.0.15 |
||
oracle mysql 4.0.18 |
||
oracle mysql 4.0.5 |
||
oracle mysql 4.0.5a |
||
mysql mysql 4.1.0 |
||
oracle mysql 4.1.0 |
||
oracle mysql 3.23.49 |
||
oracle mysql 4.0.13 |
||
oracle mysql 4.0.14 |
||
oracle mysql 4.0.3 |
||
oracle mysql 4.0.4 |
||
oracle mysql 4.0.9 |
||
oracle mysql 4.1.4 |
||
oracle mysql 4.1.5 |
||
oracle mysql 4.0.10 |
||
oracle mysql 4.0.11 |
||
oracle mysql 4.0.2 |
||
oracle mysql 4.0.20 |
||
oracle mysql 4.0.6 |
||
oracle mysql 4.0.7 |
||
mysql mysql 4.1.10 |
||
oracle mysql 4.1.2 |
||
oracle mysql 4.0.12 |
||
oracle mysql 4.0.21 |
||
oracle mysql 4.0.23 |
||
oracle mysql 4.0.8 |
||
mysql mysql 4.1.3 |
||
oracle mysql 4.1.3 |