CVE-2005-2573

2005-08-16T00:00:00
ID CVE-2005-2573
Type cve
Reporter NVD
Modified 2017-07-10T21:32:54

Description

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash () character.