10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.6%
Added: 09/06/2006
CVE: CVE-2006-4305
BID: 19660
OSVDB: 28300
MaxDB is a SAP-certified open-source database developed by MySQL.
A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client.
Upgrade to MaxDB 7.6.00.31 or higher.
<http://archives.neohapsis.com/archives/bugtraq/2006-08/0512.html>
Exploit works with MaxDB 7.6.00.27.
Windows