CVSS: 7.5EPSS: 8%CPEs: 47EXPL: 0CVE-2002-1373
https://notcve.org/view.php?id=CVE-2002-1373
23 Dec 2002 — Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call. Vulnerabilidad de enteros con signo en el paquete COM_TABLE_DUMP de MySQL 3.23.x anteriores a 3.23.54 permite a atacantes remotos causar una denegación de servicio (caída o cuelge) en mysqld proveyendo a una llamada a memcpy() con enteros negativos grandes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555 •
CVSS: 9.8EPSS: 15%CPEs: 62EXPL: 1CVE-2002-1375 – MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Memory Corruption
https://notcve.org/view.php?id=CVE-2002-1375
23 Dec 2002 — The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. El comando COM_CHANGE_USER en MySQL 3.x anteriores a 2.23.54 y 4.x anterior a 4.0.6 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta larga. • https://www.exploit-db.com/exploits/22085 •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2002-1376
https://notcve.org/view.php?id=CVE-2002-1376
17 Dec 2002 — libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. La librería de cliente libmysqlclient en MySQL 3.x a 3.23.54 y 4.x a 4.06, no verifica adecuadamente longitudes de campos de ciertas respuestas en las rutinas read_rows o read_one_row, lo que permite a a atacantes remotos causar un... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2002-0969
https://notcve.org/view.php?id=CVE-2002-0969
11 Oct 2002 — Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. Desbordamiento de búfer en MySQL anteriores a 3.23.50, y 4.0 beta anteriores a 4.02 sobre Windows, y posiblemente otras plataformas, permite a usuarios locales ejecutar código arbitrario mediante un parámetro datadir largo e... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0004.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1255
https://notcve.org/view.php?id=CVE-2001-1255
02 Oct 2001 — WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. • http://online.securityfocus.com/archive/1/217848 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0407 – MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting
https://notcve.org/view.php?id=CVE-2001-0407
27 Jun 2001 — Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). • https://www.exploit-db.com/exploits/20718 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2001-1454
https://notcve.org/view.php?id=CVE-2001-1454
09 Feb 2001 — Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request. • http://dev.mysql.com/doc/mysql/en/news-3-23-33.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2001-1453
https://notcve.org/view.php?id=CVE-2001-1453
09 Feb 2001 — Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. • http://dev.mysql.com/doc/mysql/en/news-3-23-33.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2001-1274 – Mysql 3.22.x/3.23.x - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-1274
23 Jan 2001 — Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. • https://www.exploit-db.com/exploits/20581 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1275
https://notcve.org/view.php?id=CVE-2001-1275
19 Jan 2001 — MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. • http://marc.info/?l=bugtraq&m=98089552030459&w=2 •