2 matches found
CVE-2005-2573
The CVE-2005-2573 issue affects Oracle MySQL Server on Windows (MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta). The mysql_create_function function in sql_udf.cc uses an incomplete blacklist in a directory traversal check, enabling an attacker to include arbitrary files via...
MySQL < 4.0.25 / 4.1.13 / 5.0.7 Multiple Vulnerabilies
According to its version number, the installation of MySQL on the remote host is potentially affected by two flaws : - A buffer overflow can be triggered when copying the name of a user-defined function into a stack-based buffer. With sufficient access to create a user-defined function, an attack...