CVSS: 10.0EPSS: 71%CPEs: 2EXPL: 2CVE-2006-4305 – MaxDB WebDBM Database Parameter Overflow
https://notcve.org/view.php?id=CVE-2006-4305
29 Aug 2006 — Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client. Desbordamiento de búfer en SAP DB y MaxDB anterior a 7.6.00.30 permite a atacantes remotos ejecutar código arbitrario mediante un nombre de base de datos largo al conectar mediante el cliente WebDBM. A connection from a SAP-DB/MaxDB WebDBM Client to the DBM Server causes a buffer overflow when the given database name is too large. This can resul... • https://packetstorm.news/files/id/82925 •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2005-1274
https://notcve.org/view.php?id=CVE-2005-1274
26 Apr 2005 — Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter. • http://www.idefense.com/application/poi/display?id=236&type=vulnerabilities •
CVSS: 10.0EPSS: 71%CPEs: 10EXPL: 2CVE-2005-0684 – MaxDB WebDBM GET Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0684
25 Apr 2005 — Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. • https://packetstorm.news/files/id/83068 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0083 – iDEFENSE Security Advisory 2005-03-14.t
https://notcve.org/view.php?id=CVE-2005-0083
17 Mar 2005 — MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. A number of remotely exploitable inp... • http://www.idefense.com/application/poi/display?id=218&type=vulnerabilities •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-0081 – iDEFENSE Security Advisory 2005-01-19.t
https://notcve.org/view.php?id=CVE-2005-0081
20 Jan 2005 — MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. MySQL MaxDB 7.5.0.0 y otras versiones anteriores a la 7.5.0.21, permite a atacantes remotos causar la Denegación de Servcio (DoS) por caída, mediante una petición HTTP con cabeceras no válidas. Two remotely exploitable denial of service conditions have been found to exist in MySQL MaxDB and SAP DB Web Agent products. MaxDB 7.5.00.21 fixes these issue... • http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-0082 – iDEFENSE Security Advisory 2005-01-19.t
https://notcve.org/view.php?id=CVE-2005-0082
20 Jan 2005 — The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. La función sapdbwa_GetUserData de MySQL MaxDB 7.5.0.0, otras versiones anteriores a 7.5.0.21 permite a atacantes remotos causar una denegación de servicio (caída) mediante un parámetro inválido al código de manejador de WebDAV, lo... • http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2005-0111
https://notcve.org/view.php?id=CVE-2005-0111
13 Jan 2005 — Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter. • http://securitytracker.com/id?1012893 •
CVSS: 10.0EPSS: 4%CPEs: 7EXPL: 0CVE-2004-1168
https://notcve.org/view.php?id=CVE-2004-1168
10 Dec 2004 — Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header. • http://marc.info/?l=bugtraq&m=110244542000340&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2004-1169
https://notcve.org/view.php?id=CVE-2004-1169
10 Dec 2004 — MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. • http://marc.info/?l=bugtraq&m=110244542000340&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2004-0931 – 10.06.04a.txt
https://notcve.org/view.php?id=CVE-2004-0931
13 Oct 2004 — MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function. Remote exploitation of an input validation error in MySQL MaxDB could allow attackers to trigger a denial of service condition. • http://www.idefense.com/application/poi/display?id=150&type=vulnerabilities&flashstatus=false •