CVE Vulnerabilities

CVE-2004-0835

Published: Nov 03, 2004 | Modified: Oct 07, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.

Affected Software

Name Vendor Start Version End Version
Mysql Mysql 4.1.0 4.1.2
Mysql Mysql 5.0.0 5.0.1
Mysql Oracle * *
Mysql Oracle 4.0.0 *
Red Hat Enterprise Linux 2.1 RedHat mysql *
Red Hat Enterprise Linux 3 RedHat mysql-server *
Mysql-dfsg Ubuntu dapper *
Mysql-dfsg Ubuntu edgy *

References