CVE-2008-7247

Name of the Vulnerable Software and Affected Versions MySQL versions 5.0.x through 5.0.88 MySQL versions 5.1.x through 5.1.41 MySQL version 6.0 before 6.0.9-alpha

Description The issue allows remote authenticated users to bypass intended access restrictions. This occurs when the data home directory contains a symlink to a different filesystem, and the user calls CREATE TABLE with a DATA DIRECTORY or INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.

Recommendations For MySQL versions 5.0.x through 5.0.88, update to a version after 5.0.88 to resolve the issue. For MySQL versions 5.1.x through 5.1.41, update to a version after 5.1.41 to resolve the issue. For MySQL version 6.0 before 6.0.9-alpha, update to version 6.0.9-alpha or later to resolve the issue.