CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2005-2573
https://notcve.org/view.php?id=CVE-2005-2573
16 Aug 2005 — The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2005-1636
https://notcve.org/view.php?id=CVE-2005-1636
17 May 2005 — mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents. • http://marc.info/?l=full-disclosure&m=111632686805498&w=2 •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 1CVE-2005-0799
https://notcve.org/view.php?id=CVE-2005-0799
15 Mar 2005 — MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN. • http://bugs.mysql.com/bug.php?id=9148 •
CVSS: 8.8EPSS: 94%CPEs: 34EXPL: 2CVE-2005-0710 – MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection
https://notcve.org/view.php?id=CVE-2005-0710
11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. • https://www.exploit-db.com/exploits/25210 •
CVSS: 8.8EPSS: 96%CPEs: 34EXPL: 3CVE-2005-0709 – MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution
https://notcve.org/view.php?id=CVE-2005-0709
11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. • https://www.exploit-db.com/exploits/25209 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 3CVE-2005-0711 – MySQL 4.x - CREATE Temporary TABLE Symlink Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-0711
11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/25211 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0004
https://notcve.org/view.php?id=CVE-2005-0004
20 Jan 2005 — The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simbólicos ... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2004-2149
https://notcve.org/view.php?id=CVE-2004-2149
31 Dec 2004 — Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. • http://bugs.mysql.com/bug.php?id=5194 •
CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2004-0956
https://notcve.org/view.php?id=CVE-2004-0956
05 Dec 2004 — MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. MySQL anteriores a 4.0.20 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una consulta MATCH AGAINST con comillas dobles iniciales pero sin comillas dobles de cierre. • http://bugs.mysql.com/bug.php?id=3870 •
CVSS: 7.8EPSS: 0%CPEs: 99EXPL: 0CVE-2004-0957
https://notcve.org/view.php?id=CVE-2004-0957
21 Oct 2004 — Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 •