CVE-2008-2079

N/A Unknown
Published: May 05, 2008 Modified: April 23, 2026
View on NVD

Description

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.mysql.com/bug.php?id=32167
Source: secalert@redhat.com
Exploit Patch Vendor Advisory
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
Source: secalert@redhat.com
Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html
Source: secalert@redhat.com
Vendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html
Source: secalert@redhat.com
Vendor Advisory
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html
Source: secalert@redhat.com
Vendor Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/30134
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/31066
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/31226
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/31687
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/32222
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/32769
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/36566
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/36701
Source: secalert@redhat.com
Third Party Advisory
http://support.apple.com/kb/HT3216
Source: secalert@redhat.com
Third Party Advisory
http://support.apple.com/kb/HT3865
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2008/dsa-1608
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:149
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0505.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0510.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0768.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-1289.html
Source: secalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/29106
Source: secalert@redhat.com
Patch Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/31681
Source: secalert@redhat.com
Patch Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1019995
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-671-1
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1472/references
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2780
Source: secalert@redhat.com
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42267
Source: secalert@redhat.com
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133
Source: secalert@redhat.com
Third Party Advisory
http://bugs.mysql.com/bug.php?id=32167
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch Vendor Advisory
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/30134
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/31066
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/31226
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/31687
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/32222
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/32769
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/36566
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/36701
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT3216
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT3865
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2008/dsa-1608
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:149
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0505.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0510.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0768.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-1289.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/29106
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/31681
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1019995
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-671-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1472/references
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2780
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42267
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

66 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.6%
68th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

debian canonical mysql oracle

Related CVEs

CVE-2026-42615 7.2
CVE-2026-23773 4.3
CVE-2026-40560 N/A
CVE-2026-7363 N/A
CVE-2026-7361 N/A