CVE-2005-0709

2005-05-02T04:00:00
ID CVE-2005-0709
Type cve
Reporter cve@mitre.org
Modified 2018-10-03T21:29:00

Description

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.