Lucene search

Ubuntu.comUB:CVE-2005-2572

HistoryAug 16, 2005 - 12:00 a.m.

CVE-2005-2572

2005-08-1600:00:00

ubuntu.com

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.7%

JSON

MySQL, when running on Windows, allows remote authenticated users with
insert privileges on the mysql.func table to cause a denial of service
(server hang) and possibly execute arbitrary code via (1) a request for a
non-library file, which causes the Windows LoadLibraryEx function to block,
or (2) a request for a function in a library that has the XXX_deinit or
XXX_init functions defined but is not tailored for mySQL, such as
jpeg1x32.dll and jpeg2x32.dll.

References

launchpad.net/bugs/cve/CVE-2005-2572

nvd.nist.gov/vuln/detail/CVE-2005-2572

security-tracker.debian.org/tracker/CVE-2005-2572

www.cve.org/CVERecord?id=CVE-2005-2572

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.7%

JSON

Related for UB:CVE-2005-2572