CVE Vulnerabilities

CVE-2004-0835

Published: Nov 03, 2004 | Modified: Oct 07, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.

Affected Software

Name Vendor Start Version End Version
Mysql Mysql 4.1.0 (including) 4.1.2 (including)
Mysql Mysql 5.0.0 (including) 5.0.1 (including)
Mysql Oracle 3.20 (excluding) 3.23.59 (excluding)
Mysql Oracle 4.0.0 (including) 4.0.19 (excluding)
Red Hat Desktop version 3 Extras RedHat *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *
Mysql-dfsg Ubuntu dapper *
Mysql-dfsg Ubuntu edgy *

References