Page 36 of 203 results (0.008 seconds)

CVSS: 8.5EPSS: 7%CPEs: 115EXPL: 3

CVE-2009-2446 – MySQL 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities

https://notcve.org/view.php?id=CVE-2009-2446

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de formato de cadena en la función dispatch_command en libmysqld/sql_parse.cc en mysqld de MySQL v4.0.0 hasta v5.0.83 permiten a usuarios remotos autenticados causar una denegación de servicio (mediante caída del demonio) y, posiblemente otros efectos no especificados, a través de especificadores de formato de cadena en el nombre de base de datos en una petición (1) COM_CREATE_DB o (2) COM_DROP_DB. NOTA: Algunos de estos detalles se obtienen a partir de información de terceros. • https://www.exploit-db.com/exploits/33077 http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://secunia.com/advisories/35767 http://secunia.com/advisories/36566 http://secunia.com/advisories/38517 http://securitytracker.com/id?1022533 http://support.apple.com/kb/HT4077 http://ubuntu.com/usn/usn-897-1 http://www.mandriva.com/security/advisories?name=MDVSA-2009:179 http://w • CWE-134: Use of Externally-Controlled Format String •

CVSS: 4.0EPSS: 3%CPEs: 36EXPL: 2

CVE-2009-0819 – MySQL 6.0.9 - XPath Expression Remote Denial of Service

https://notcve.org/view.php?id=CVE-2009-0819

sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. El archivo sql/item_xmlfunc.cc en MySQL versiones 5.1 anteriores a 5.1.32 y versiones 6.0 anteriores a 6.0.10, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) por medio de "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," que desencadena un fallo de aserción. • https://www.exploit-db.com/exploits/32838 http://bugs.mysql.com/bug.php?id=42495 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html http://secunia.com/advisories/34115 http://www.securityfocus.com/bid/33972 http://www.securitytracker.com/id?1021786 http://www.vupen.com/english/advisories/2009/0594 https://exchange.xforce.ibmcloud.com/vulnerabilities/49050 https://oval.cisecurity.org/repository&# •

CVSS: 4.0EPSS: 9%CPEs: 1EXPL: 1

CVE-2007-5925 – MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service

https://notcve.org/view.php?id=CVE-2007-5925

The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. La función convert_search_mode_to_innobase del ha_innodb.cc en el motor InnoDB del 5.1.23-BK y versiones anteriores permite a usuarios remotos autenticados provocar una denegación de servicio (caída de la base de datos) a través de ciertas operaciones CONTAINS sobre un índice de una columna, lo que dispara una afirmación de error. • https://www.exploit-db.com/exploits/30744 http://bugs.gentoo.org/show_bug.cgi?id=198988 http://bugs.mysql.com/bug.php?id=32125 http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://secunia.com/advisories/27568 http://secunia.com/advisories/27649 http://secunia.com/advisories/27823 http://secunia.com/advisories/28025 http://secunia.com/advisories/28040 http://secunia. • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0

CVE-2007-2691 – mysql DROP privilege not enforced when renaming tables

https://notcve.org/view.php?id=CVE-2007-2691

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. MySQL anterior a 4.1.23, 5.0.x anterior a 5.0.42, y 5.1.x anterior a 5.1.18 no requiere el privilegio DROP para sentencias RENAME TABLE, lo cual permite a usuarios autenticados remotamente renombrar tablas de su elección. • http://bugs.mysql.com/bug.php?id=27515 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.mysql.com/announce/470 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://osvdb.org/34766 http://secunia.com/advisories/25301 http://secunia.com/advisories/25946 http://secunia.com/advisories/26073 http://secunia.com/advisories/26430 http://secunia. •

CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 2

CVE-2007-2583 – MySQL 5.0.x - IF Query Handling Remote Denial of Service

https://notcve.org/view.php?id=CVE-2007-2583

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. La función in_decimal::set en el archivo item_cmpfunc.cc en mySQL versiones anteriores a 5.0.40, y versiones 5.1 anteriores a 5.1.18-beta, permite a atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) por medio de una cláusula IF especialmente diseñada que resulta en un error de división por cero y una desreferencia del puntero NULL. MySQL version 5.0.x suffers from an IF query handling remote denial of service vulnerability. • https://www.exploit-db.com/exploits/30020 http://bugs.mysql.com/bug.php?id=27513 http://lists.mysql.com/commits/23685 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://packetstormsecurity.com/files/124295/MySQL-5.0.x-Denial-Of-Service.html http://secunia.com/advisories/25188 http://secunia.com/advisories/25196 http://secunia.com/advisories/25255 http://secunia.com/advisories/25389 http://secunia.com/advisories/25946 http://secunia.com/advis •