MySQL mysql_install_db Insecure Temporary File Creation Vulnerability

MySQL mysql_install_db Insecure Temporary File Creation Vulnerability

MySQL is reportedly affected by a vulnerability that can allow local attackers to gain unauthorized access to the database or gain elevated privileges. This issue results from a design error due to the creation of temporary files in an insecure manner.

The vulnerability affects the 'mysql_install_db' script.

Due to the nature of the script, an attacker may create database accounts or gain elevated privileges.

MySQL versions prior to 4.0.12 and MySQL 5.x releases 5.0.4 and prior are reported to be affected.