MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T21:21:06.505Z
Reserved: 2005-03-11T00:00:00
Link: CVE-2005-0711

No data.

Status : Deferred
Published: 2005-05-02T04:00:00.000
Modified: 2025-04-03T01:03:51.193
Link: CVE-2005-0711


No data.