Lucene search
HistoryOct 22, 2009 - 4:30 p.m.
CVE-2009-2942
mysql
mysql-ocaml
remote attack
escaping issues
multibyte character encodings
cve-2009-2942
6.4 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.2%
The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mysql-ocaml:mysql-ocaml | mysql-ocaml | eq | 1.0.4 |
Related
openvas
openvas
Debian Security Advisory DSA 1910-1 (mysql-ocaml)
2009-10-19 00:00:00
Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
2009-11-17 00:00:00
Debian Security Advisory DSA 1910-1 (mysql-ocaml)
2009-10-19 00:00:00
debiancve
debiancve
CVE-2009-2942
2009-10-22 16:30:00
ubuntucve
ubuntucve
CVE-2009-2942
2009-10-22 00:00:00
nessus
nessus
Fedora 11 : ocaml-mysql-1.0.4-8.fc11.1 (2009-10701)
2009-11-11 00:00:00
Fedora 10 : ocaml-mysql-1.0.4-3.fc10.1 (2009-10582)
2009-11-11 00:00:00
Debian DSA-1910-1 : mysql-ocaml - missing escape function
2010-02-24 00:00:00
debian
debian
[SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping
2009-10-15 00:15:10
prion
prion
Code injection
2009-10-22 16:30:00
fedora
fedora
[SECURITY] Fedora 11 Update: ocaml-mysql-1.0.4-8.fc11.1
2009-11-10 17:55:22
[SECURITY] Fedora 10 Update: ocaml-mysql-1.0.4-3.fc10.1
2009-11-10 17:45:36
securityvulns
securityvulns
pygresql / mysql-ocaml / postgresql-ocaml SQL injection
2009-10-15 00:00:00
6.4 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.2%
Related for CVE-2009-2942