Unrated severityNVD Advisory· Published Apr 14, 2005· Updated Apr 16, 2026

CVE-2005-0004

Description

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

Affected products

MariaDB/MariaDB
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Range: >=5.5.0,<5.5.66
Oracle Corporation/MySQL
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Range: >=4.0.0,<4.0.23
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2005/dsa-647nvdPatchVendor Advisory
www.securityfocus.com/bid/12277nvdPatchThird Party AdvisoryVDB EntryVendor Advisory
distro.conectiva.com.br/atualizacoes/nvdThird Party Advisory
lists.mysql.com/internals/20600nvdThird Party Advisory
marc.infonvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/18922nvdThird Party AdvisoryVDB Entry
mysql.osuosl.org/doc/mysql/en/News-4.1.10.htmlnvdBroken Link
secunia.com/advisories/13867nvdNot Applicable
sunsolve.sun.com/search/document.donvdBroken Link
www.mandriva.com/security/advisoriesnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000