Lucene search

[email protected]CVE-2002-1375

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1375

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1375

mysql

remote code execution

security vulnerability

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.129 Low

EPSS

Percentile

95.5%

JSON

The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.

Affected configurations

NVD

Node

oraclemysqlMatch3.22.26

oraclemysqlMatch3.22.27

oraclemysqlMatch3.22.28

oraclemysqlMatch3.22.29

oraclemysqlMatch3.22.30

oraclemysqlMatch3.22.32

oraclemysqlMatch3.23.2

oraclemysqlMatch3.23.3

oraclemysqlMatch3.23.4

oraclemysqlMatch3.23.5

oraclemysqlMatch3.23.8

oraclemysqlMatch3.23.9

oraclemysqlMatch3.23.10

oraclemysqlMatch3.23.23

oraclemysqlMatch3.23.24

oraclemysqlMatch3.23.25

oraclemysqlMatch3.23.26

oraclemysqlMatch3.23.27

oraclemysqlMatch3.23.28

oraclemysqlMatch3.23.29

oraclemysqlMatch3.23.30

oraclemysqlMatch3.23.31

oraclemysqlMatch3.23.34

oraclemysqlMatch3.23.36

oraclemysqlMatch3.23.37

oraclemysqlMatch3.23.38

oraclemysqlMatch3.23.39

oraclemysqlMatch3.23.40

oraclemysqlMatch3.23.41

oraclemysqlMatch3.23.42

oraclemysqlMatch3.23.43

oraclemysqlMatch3.23.44

oraclemysqlMatch3.23.45

oraclemysqlMatch3.23.46

oraclemysqlMatch3.23.47

oraclemysqlMatch3.23.48

oraclemysqlMatch3.23.49

oraclemysqlMatch3.23.50

oraclemysqlMatch3.23.51

oraclemysqlMatch3.23.52

oraclemysqlMatch3.23.53

oraclemysqlMatch3.23.53a

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.5a

symantec_veritasnetbackup_advanced_reporterMatch3.4

symantec_veritasnetbackup_advanced_reporterMatch4.5

symantec_veritasnetbackup_advanced_reporterMatch4.5_fp1

symantec_veritasnetbackup_advanced_reporterMatch4.5_fp2

symantec_veritasnetbackup_advanced_reporterMatch4.5_fp3

symantec_veritasnetbackup_advanced_reporterMatch4.5_mp1

symantec_veritasnetbackup_advanced_reporterMatch4.5_mp2

symantec_veritasnetbackup_advanced_reporterMatch4.5_mp3

symantec_veritasnetbackup_global_data_managerMatch4.5

symantec_veritasnetbackup_global_data_managerMatch4.5_fp1

symantec_veritasnetbackup_global_data_managerMatch4.5_fp2

symantec_veritasnetbackup_global_data_managerMatch4.5_fp3

symantec_veritasnetbackup_global_data_managerMatch4.5_mp1

symantec_veritasnetbackup_global_data_managerMatch4.5_mp2

symantec_veritasnetbackup_global_data_managerMatch4.5_mp3

CPENameOperatorVersion
oracle:mysqloracle mysqleq3.22.26
oracle:mysqloracle mysqleq3.22.27
oracle:mysqloracle mysqleq3.22.28
oracle:mysqloracle mysqleq3.22.29
oracle:mysqloracle mysqleq3.22.30
oracle:mysqloracle mysqleq3.22.32
oracle:mysqloracle mysqleq3.23.2
oracle:mysqloracle mysqleq3.23.3
oracle:mysqloracle mysqleq3.23.4
oracle:mysqloracle mysqleq3.23.5

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	eq	3.22.26
oracle:mysql	oracle mysql	eq	3.22.27
oracle:mysql	oracle mysql	eq	3.22.28
oracle:mysql	oracle mysql	eq	3.22.29
oracle:mysql	oracle mysql	eq	3.22.30
oracle:mysql	oracle mysql	eq	3.22.32
oracle:mysql	oracle mysql	eq	3.23.2
oracle:mysql	oracle mysql	eq	3.23.3
oracle:mysql	oracle mysql	eq	3.23.4
oracle:mysql	oracle mysql	eq	3.23.5