MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2005-03-11T05:00:00
Updated: 2024-08-07T21:21:06.515Z
Reserved: 2005-03-11T00:00:00
Link: CVE-2005-0709
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-05-02T04:00:00.000
Modified: 2019-12-17T17:12:13.277
Link: CVE-2005-0709
Redhat