Vulnerabilities > Mysql > Mysql > 4.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-16 | CVE-2015-2575 | Remote Security vulnerability in Oracle MySQL Connectors Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J. | 4.9 |
2012-05-03 | CVE-2012-1696 | Remote MySQL Server vulnerability in Oracle MySQL Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | 4.0 |
2011-01-11 | CVE-2010-3682 | Denial Of Service vulnerability in Oracle MySQL 'EXPLAIN' Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... | 4.0 |
2011-01-11 | CVE-2010-3677 | Resource Management Errors vulnerability in multiple products Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. | 4.0 |
2010-05-21 | CVE-2010-1626 | Permissions, Privileges, and Access Controls vulnerability in multiple products MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | 3.6 |
2010-05-14 | CVE-2010-1621 | Permissions, Privileges, and Access Controls vulnerability in Mysql The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command. | 5.0 |
2009-11-30 | CVE-2009-4028 | Improper Input Validation vulnerability in multiple products The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library. | 6.8 |
2009-07-13 | CVE-2009-2446 | USE of Externally-Controlled Format String vulnerability in multiple products Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. | 8.5 |
2009-03-05 | CVE-2009-0819 | Remote Denial Of Service vulnerability in MySQL XPath Expression sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. | 4.0 |
2008-05-05 | CVE-2008-2079 | Permissions, Privileges, and Access Controls vulnerability in multiple products MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | 4.6 |