Page 55 of 281 results (0.096 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. Desbordamiento de búfer en MySQL anteriores a 3.23.50, y 4.0 beta anteriores a 4.02 sobre Windows, y posiblemente otras plataformas, permite a usuarios locales ejecutar código arbitrario mediante un parámetro datadir largo en el fichero de inicialización my.ini, cuyos permisos en Windows permiten Control Total al grupo Todos. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0004.html http://marc.info/?l=bugtraq&m=103358628011935&w=2 http://www.iss.net/security_center/static/10243.php http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.x http://www.securityfocus.com/bid/5853 http://www.westpoint.ltd.uk/advisories/wp-02-0003.txt • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. • http://online.securityfocus.com/archive/1/217848 http://www.iss.net/security_center/static/7206.php http://www.securityfocus.com/bid/3381 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 2

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). • https://www.exploit-db.com/exploits/20718 http://archives.neohapsis.com/archives/bugtraq/2001-03/0237.html http://archives.neohapsis.com/archives/bugtraq/2001-03/0396.html http://www.securityfocus.com/bid/2522 https://exchange.xforce.ibmcloud.com/vulnerabilities/6617 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request. • http://dev.mysql.com/doc/mysql/en/news-3-23-33.html http://www.kb.cert.org/vuls/id/367320 http://www.securityfocus.com/archive/1/161917 https://exchange.xforce.ibmcloud.com/vulnerabilities/6419 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. • http://dev.mysql.com/doc/mysql/en/news-3-23-33.html http://www.kb.cert.org/vuls/id/123384 http://www.securityfocus.com/archive/1/161917 https://exchange.xforce.ibmcloud.com/vulnerabilities/6418 •