Description

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

Remediation

References

CVE-2005-2573

Related Vulnerabilities

Apache HTTP Server CVE-2005-2700 Vulnerability (CVE-2005-2700)

Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)

phpList Other Vulnerability (CVE-2006-5524)

e107 Other Vulnerability (CVE-2005-4051)

Oracle Database Server CVE-2006-1877 Vulnerability (CVE-2006-1877)

Severity

Medium

Classification

CVE-2005-2573

Tags

Missing Update Known Vulnerabilities