MySQL 3.23.55 and earlier creates world-writeable files and allows
mysql users to gain root privileges by using the "SELECT * INFO
OUTFILE" operator to overwrite a configuration file and cause mysql to
run as root upon restart, as demonstrated by modifying my.cnf.
Note:References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Disclaimer: The entry creation date may reflect when
the CVE-ID was allocated or reserved, and does not
necessarily indicate when this vulnerability was
discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.