CVE-2005-0710
Published: 2 May 2005
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
Priority
Status
Package | Release | Status |
---|---|---|
mysql-dfsg-4.1 Launchpad, Ubuntu, Debian |
dapper |
Released
(4.1.15-1ubuntu5)
|
edgy |
Released
(4.1.15-1ubuntu5)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
mysql-dfsg Launchpad, Ubuntu, Debian |
dapper |
Released
(4.0.24-10ubuntu2)
|
edgy |
Released
(4.0.24-10ubuntu2)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
mysql-dfsg-5.0 Launchpad, Ubuntu, Debian |
dapper |
Released
(5.0.22-0ubuntu6.06.3)
|
edgy |
Released
(5.0.24a-9ubuntu0.1)
|
|
feisty |
Released
(5.0.38-0ubuntu1)
|
|
upstream |
Needs triage
|