Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-1636

Published: 17/05/2005 Updated: 17/12/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Mysql

Vulnerability Summary

mysql_install_db in MySQL 4.1.x prior to 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql 4.0.11

oracle mysql 4.0.7

mysql mysql 5.0.1

mysql mysql 5.0.2

mysql mysql 5.0.3

oracle mysql 4.0.0

oracle mysql 4.0.4

oracle mysql 4.0.5

oracle mysql 4.0.9

oracle mysql 4.0.1

oracle mysql 4.0.10

oracle mysql 4.0.5a

oracle mysql 4.0.6

oracle mysql 5.0.0

oracle mysql 4.0.2

oracle mysql 4.0.3

oracle mysql 4.0.8

mysql mysql 5.0.4

Vendor Advisories

Red Hat: mysql security update
Synopsis mysql security update Type/Severity Security Advisory: Low Topic Updated mysql packages that fix a temporary file flaw and a number of bugsare now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description MySQL is a multi-u ...
Debian Security Advisories: DSA-783-1 mysql-dfsg-4.1 -- insecure temporary file
Eric Romang discovered a temporary file vulnerability in a script accompanied with MySQL, a popular database, that allows an attacker to execute arbitrary SQL commands when the server is installed or updated The old stable distribution (woody) as well as mysql-dfsg are not affected by this problem For the stable distribution (sarge) this problem ...

References

NVD-CWE-Otherhttp://www.zataz.net/adviso/mysql-05172005.txthttp://www.securityfocus.com/bid/13660https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158688http://secunia.com/advisories/15369http://www.redhat.com/support/errata/RHSA-2005-685.htmlhttp://secunia.com/advisories/17080http://www.mandriva.com/security/advisories?name=MDKSA-2006:045http://marc.info/?l=full-disclosure&m=111632686805498&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9504https://access.redhat.com/errata/RHSA-2005:685https://nvd.nist.govhttps://www.debian.org/security/./dsa-783
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946CVE-2024-30309CVE-2024-4761CVE-2024-30051type confusionmemory leakCVE-2024-30293reflected XSSCVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook