CVE-2005-0711

Name of the Vulnerable Software and Affected Versions MySQL versions 4.0.23 and earlier, and 4.1.x up to 4.1.10

Description The issue allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack, due to the use of predictable file names when creating temporary tables.

Recommendations For MySQL versions 4.0.23 and earlier, and 4.1.x up to 4.1.10, consider restricting the CREATE TEMPORARY TABLE privilege to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.