SUSE CVE-2006-3469

Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service crash via a format string instead of a date as the first parameter to the dateformat function, which is later used in a formatted pri...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 callback parameter in a colorselector action, 2 field parameter in a dateformat action, or 3 companyname parameter in an addedit action to index.php...

CVE-2012-5702

Multiple cross-site scripting XSS vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 callback parameter in a colorselector action, 2 field parameter in a dateformat action, or 3 companyname parameter in an addedit action to index.php...

MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19032/info MySQL is prone to a remote denial-of-service vulnerability because the database server fails to properly handle unexpected input. This issue allows remote attackers to crash affected database servers, denying...

MySQL Server DATE_FORMAT Function Format String (CVE-2006-3469)

MySQL is a popular open-source implementation of a relational database that supports the Structured Query Language SQL for querying and updating stored data. Communication with the database occurs by using the MySQL protocol. As with other database implementations, MySQL has a number of built-in...

Gentoo Security Advisory GLSA 200608-09 (mysql)

The remote host is missing updates announced in advisory GLSA 200608-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-321-1)

Jean-David Maillefer discovered a format string bug in the dateformat function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly...

GLSA-200608-09 : MySQL: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200608-09 MySQL: Denial of Service Jean-David Maillefer discovered a format string vulnerability in time.cc where MySQL fails to properly handle specially formatted user input to the dateformat function. Impact : By specifying a...

MySQL: Denial of service

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Jean-David Maillefer discovered a format string vulnerability in time.cc where MySQL fails to properly handle specially formatted user input to the dateformat function. Impact By specifying a format string as the fir...

USN-321-1: mysql-dfsg-4.1 vulnerability

Jean-David Maillefer discovered a format string bug in the dateformat function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server...