MySQL handle temporary files in an unsafe way while creating new database, allowing a malicious attacker to inject arbitrary SQL commands.
* MySQL versions 4.0.11 and prior
* MySQL versions 5.0.4 and prior
* MySQL version 4.0.12
MySQL contain a security flaw that could allow a malicious local attacker to inject arbitrary SQL commands during database creation process.
MySQL versions 5.* is still vulnerable.