PT-2005-1749 · Oracle+1 · Mysql Server+1

Stefano Di Paola · Published 2005-03-11 · Updated 2019-12-17 · CVE-2005-0710

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

MySQL versions 4.0.23 and earlier
MySQL versions 4.1.x up to 4.1.10

Description

The issue allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries. This is achieved by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.

Recommendations

For MySQL versions 4.0.23 and earlier, update to a version later than 4.0.23 to resolve the issue. For MySQL versions 4.1.x up to 4.1.10, update to a version later than 4.1.10 to resolve the issue. As a temporary workaround, consider restricting INSERT and DELETE privileges to minimize the risk of exploitation.
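
One way to apply the temporary workaround, shown as an added example that is not part of the original advisory: the queries below list the accounts whose grants cover INSERT or DELETE on mysql.func, then revoke them. They read the grant tables directly because the affected versions predate INFORMATION_SCHEMA; the account 'app_user'@'localhost' is a hypothetical placeholder.

```sql
-- Added example: audit which accounts can write to mysql.func.

-- 1. Global grants: these apply to every database, including `mysql`.
SELECT User, Host, Insert_priv, Delete_priv
FROM mysql.user
WHERE Insert_priv = 'Y' OR Delete_priv = 'Y';

-- 2. Database-level grants. The Db column may hold a wildcard pattern
--    (for example '%'), so match the literal name against the pattern.
SELECT User, Host, Db, Insert_priv, Delete_priv
FROM mysql.db
WHERE 'mysql' LIKE Db
  AND (Insert_priv = 'Y' OR Delete_priv = 'Y');

-- 3. Table-level grants on mysql.func itself.
SELECT User, Host, Table_priv
FROM mysql.tables_priv
WHERE Db = 'mysql'
  AND Table_name = 'func'
  AND (FIND_IN_SET('Insert', Table_priv) > 0
       OR FIND_IN_SET('Delete', Table_priv) > 0);

-- 4. Review the registered UDF entries that udf_init will process.
--    Any row you did not register yourself deserves investigation.
SELECT name, dl, type FROM mysql.func;

-- 5. Revoke at the level where the grant was found.
--    'app_user'@'localhost' is a hypothetical account name.
--    For a grant found in query 1, use ON *.* instead of ON mysql.*.
REVOKE INSERT, DELETE ON mysql.* FROM 'app_user'@'localhost';
```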


Related identifiers

CVE-2005-0710
DSA-707-1
RHSA-2005:334
RHSA-2005_334

Affected products

Mysql Server
Red Hat