CVE-2005-0004

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.debian.org/security/2005/dsa-647", "name": "DSA-647", "tags": ["Patch", "Vendor Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/13867", "name": "13867", "tags": ["Not Applicable"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/12277", "name": "12277", "tags": ["Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://lists.mysql.com/internals/20600", "name": "http://lists.mysql.com/internals/20600", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html", "name": "http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947", "name": "CLA-2005:947", "tags": ["Third Party Advisory"], "refsource": "CONECTIVA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1", "name": "101864", "tags": ["Broken Link"], "refsource": "SUNALERT"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:036", "name": "MDKSA-2005:036", "tags": ["Broken Link"], "refsource": "MANDRAKE"}, {"url": "http://marc.info/?l=bugtraq&m=110608297217224&w=2", "name": "20050118 [USN-63-1] MySQL client vulnerability", "tags": ["Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18922", "name": "mysql-mysqlaccess-symlink(18922)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-59"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-0004", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-04-14T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.0.3", "versionStartIncluding": "5.0.0"}, {"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.0.23", "versionStartIncluding": "4.0.0"}, {"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.1.10", "versionStartIncluding": "4.1.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.5.66", "versionStartIncluding": "5.5.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-08-05T14:26Z"}