CVE-2005-2558
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.968 High
EPSS
Percentile
99.7%
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
Affected configurations
References
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt
lists.grok.org.uk/pipermail/full-disclosure/2005-August/035845.html
marc.info/?l=bugtraq&m=112354450412427&w=2
secunia.com/advisories/17027
secunia.com/advisories/20381
secunia.com/advisories/29847
sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
www.appsecinc.com/resources/alerts/mysql/2005-002.html
www.debian.org/security/2005/dsa-829
www.debian.org/security/2005/dsa-831
www.debian.org/security/2005/dsa-833
www.mandriva.com/security/advisories?name=MDKSA-2005:163
www.novell.com/linux/security/advisories/2005_21_sr.html
www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00005.html
www.securityfocus.com/bid/14509
www.vupen.com/english/advisories/2008/1326/references
exchange.xforce.ibmcloud.com/vulnerabilities/21737
www.ubuntu.com/usn/usn-180-1/
www.ubuntu.com/usn/usn-180-2/
Related
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.968 High
EPSS
Percentile
99.7%