Lucene search

K

9 matches found

CVE
CVE
added 2007/05/10 12:19 a.m.118 views

CVE-2007-2583

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

4CVSS5.8AI score0.03031EPSS
CVE
CVE
added 2007/12/10 9:46 p.m.65 views

CVE-2007-6303

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER V...

3.5CVSS9.3AI score0.00547EPSS
CVE
CVE
added 2007/03/12 11:19 p.m.64 views

CVE-2007-1420

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort...

2.1CVSS5.7AI score0.00059EPSS
CVE
CVE
added 2007/12/10 9:46 p.m.63 views

CVE-2007-6304

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required numb...

5CVSS6.1AI score0.04845EPSS
CVE
CVE
added 2007/05/16 1:19 a.m.59 views

CVE-2007-2692

The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

6CVSS6.4AI score0.00581EPSS
CVE
CVE
added 2007/05/16 1:19 a.m.56 views

CVE-2007-2693

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

3.5CVSS5.7AI score0.00394EPSS
CVE
CVE
added 2007/10/24 11:0 p.m.46 views

CVE-2003-1480

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.

4.3CVSS6.6AI score0.16138EPSS
CVE
CVE
added 2007/06/25 11:0 p.m.40 views

CVE-2003-1331

Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.

4CVSS7.6AI score0.11664EPSS
CVE
CVE
added 2007/12/10 7:46 p.m.36 views

CVE-2007-5970

MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user...

5.8CVSS6.6AI score0.0048EPSS