27 matches found
Code injection
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via a query that uses the 1 GREATEST or 2 LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the...
CVE-2010-3838
CVE-2010-3838 affects MySQL up to 5.0.92, 5.1 up to 5.1.51, and 5.5 up to 5.5.6. It enables remote authenticated users to crash the server via a query using GREATEST or LEAST with mixed numeric and LONGBLOB arguments, when results are processed through an intermediate temporary table. Root cause ...
Unfixed XSS vulnerability at www.applabs.com
Security researcher Greatest, has submitted on 11/12/2010 a cross-site-scripting XSS vulnerability affecting www.applabs.com, which at the time of submission ranked 291732 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1017-1)
It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. CVE-2010-2008 It was discovered that MySQL...
MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...
MySQL: crash with LONGBLOB and union or update with subquery (MySQL Bug#54461)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via a query that uses the 1 GREATEST or 2 LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the...
MySQL Community Server < 5.1.51 Multiple Vulnerabilities
The version of MySQL Community Server installed on the remote host is earlier than 5.1.51 and is, therefore, potentially affected by multiple vulnerabilities: - A privilege escalation vulnerability exists when using statement-based replication. Version specific comments used on a master server wi...