CVE-2005-0004

{"id": "CVE-2005-0004", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-04-14T04:00:00.000", "references": [{"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "http://lists.mysql.com/internals/20600", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "http://marc.info/?l=bugtraq&m=110608297217224&w=2", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://secunia.com/advisories/13867", "tags": ["Not Applicable"], "source": "[email protected]"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://www.debian.org/security/2005/dsa-647", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:036", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/12277", "tags": ["Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18922", "tags": ["Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.mysql.com/internals/20600", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=110608297217224&w=2", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/13867", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2005/dsa-647", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:036", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/12277", "tags": ["Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18922", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files."}, {"lang": "es", "value": "El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simb\u00f3licos (symlink) en ficheros temporales."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DE5DAF-002F-4151-BDF1-72E7B9D3CA87", "versionEndExcluding": "4.0.23", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE3B3226-45DB-46F8-A92D-AA15F6652F4C", "versionEndExcluding": "4.1.10", "versionStartIncluding": "4.1.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B01C1FA-A584-44D8-A7A6-996B3C991F8F", "versionEndExcluding": "5.0.3", "versionStartIncluding": "5.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "966DE621-0387-4AED-AC5F-67D87391AAA2", "versionEndExcluding": "5.5.66", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}