8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.7%
MySQL, when running on Windows, allows remote authenticated users with
insert privileges on the mysql.func table to cause a denial of service
(server hang) and possibly execute arbitrary code via (1) a request for a
non-library file, which causes the Windows LoadLibraryEx function to block,
or (2) a request for a function in a library that has the XXX_deinit or
XXX_init functions defined but is not tailored for mySQL, such as
jpeg1x32.dll and jpeg2x32.dll.