Lucene search

[email protected]NVD:CVE-2005-0711

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0711

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.5%

JSON

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

Affected configurations

NVD

Node

mysqlmysqlMatch4.1.0

mysqlmysqlMatch4.1.3

mysqlmysqlMatch4.1.10

oraclemysqlMatch3.23.49

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.4

oraclemysqlMatch4.0.5

oraclemysqlMatch4.0.5a

oraclemysqlMatch4.0.6

oraclemysqlMatch4.0.7

oraclemysqlMatch4.0.7gamma

oraclemysqlMatch4.0.8

oraclemysqlMatch4.0.8gamma

oraclemysqlMatch4.0.9

oraclemysqlMatch4.0.9gamma

oraclemysqlMatch4.0.10

oraclemysqlMatch4.0.11

oraclemysqlMatch4.0.11gamma

oraclemysqlMatch4.0.12

oraclemysqlMatch4.0.13

oraclemysqlMatch4.0.14

oraclemysqlMatch4.0.15

oraclemysqlMatch4.0.18

oraclemysqlMatch4.0.20

oraclemysqlMatch4.0.21

oraclemysqlMatch4.0.23

oraclemysqlMatch4.1.0alpha

oraclemysqlMatch4.1.2alpha

oraclemysqlMatch4.1.3beta

oraclemysqlMatch4.1.4

oraclemysqlMatch4.1.5

References

archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html

lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1

www.debian.org/security/2005/dsa-707

www.gentoo.org/security/en/glsa/glsa-200503-19.xml

www.mandriva.com/security/advisories?name=MDKSA-2005:060

www.novell.com/linux/security/advisories/2005_19_mysql.html

www.redhat.com/support/errata/RHSA-2005-334.html

www.redhat.com/support/errata/RHSA-2005-348.html

www.securityfocus.com/bid/12781

www.trustix.org/errata/2005/0009/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591

usn.ubuntu.com/96-1/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.5%

JSON

Related for NVD:CVE-2005-0711

cve1 ubuntucve1 cvelist1 nessus17 gentoo1 openvas9 redhat2 centos1 ubuntu1 freebsd1 suse1 debian2 osv1