Unrated severityNVD Advisory· Published Sep 18, 2008· Updated Jun 16, 2026
CVE-2008-4097
CVE-2008-4097
Description
MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- bugs.debian.org/cgi-bin/bugreport.cginvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvdThird Party Advisory
- secunia.com/advisories/32759nvdVendor Advisory
- www.ubuntu.com/usn/USN-671-1nvdThird Party Advisory
- secunia.com/advisories/32769nvdBroken LinkNot Applicable
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.openwall.com/lists/oss-security/2008/09/09/20nvdMailing List
- www.openwall.com/lists/oss-security/2008/09/16/3nvdMailing List
- exchange.xforce.ibmcloud.com/vulnerabilities/45648nvdVDB Entry
News mentions
0No linked articles in our index yet.