CVE-2005-0710 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-0710 Interim 1 5 2024-09-16T02:41:21Z current 2021-05-30T12:32:14Z 2024-09-16T02:41:21Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-0710 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E6QI6CNBF2WEFJK56LQR43WED7QSQXJD/#E6QI6CNBF2WEFJK56LQR43WED7QSQXJD E-Mail link for SUSE-SA:2005:019 https://www.suse.com/support/security/rating/ SUSE Security Ratings MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. CVE-2005-0710 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P