Description

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

Remediation

References

CVE-2005-0004

Related Vulnerabilities

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36094)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2509)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2889)

WordPress Plugin BuddyPress Multiple Vulnerabilities (1.9.1)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946)

Severity

Medium

Classification

CVE-2005-0004 CWE-59

Tags

Missing Update Known Vulnerabilities