[From Secunia]
Eric Romang has reported a vulnerability in MySQL, which can be exploited by malicious, local users to conduct various actions on a vulnerable system with escalated privileges.
The vulnerability is caused due to the mysql_install_db script creating the temporary file “mysql_install_db.$$” insecurely.
The article continues at
http://secunia.com/advisories/15369/