Oracle: >> Mysql >> 3.23.57 Security Vulnerabilities
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
CVSS Score
7.5
EPSS Score
0.036
Published
2004-11-03
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-09-28
Page 18