Vulnerabilities > Mysql

DATE CVE VULNERABILITY TITLE RISK
2005-04-26 CVE-2005-1274 Remote Security vulnerability in MaxDB
Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
network
low complexity
mysql
critical
10.0
2005-04-25 CVE-2005-0684 Remote Buffer Overflow vulnerability in MySQL MaxDB HTTP GET Request
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
network
low complexity
mysql
critical
10.0
2005-04-14 CVE-2005-0082 Denial-Of-Service vulnerability in MaxDB
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
network
low complexity
mysql
5.0
2005-04-14 CVE-2005-0081 Unspecified vulnerability in Mysql Maxdb
MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
network
low complexity
mysql
5.0
2005-01-13 CVE-2005-0111 Remote Buffer Overflow vulnerability in Mysql Maxdb 7.5.00
Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
network
low complexity
mysql
7.5
2005-01-10 CVE-2004-1169 Denial-Of-Service vulnerability in MaxDB
MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference.
network
low complexity
mysql
5.0
2005-01-10 CVE-2004-1168 Remote Security vulnerability in MaxDB
Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header.
network
low complexity
mysql
critical
10.0
2004-12-31 CVE-2004-0931 Denial of Service vulnerability in MySQL MaxDB WebDBM Server Name
MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
network
low complexity
mysql
5.0
2004-12-06 CVE-2004-0628 Denial Of Service vulnerability in Mysql 4.1.0
Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
network
low complexity
mysql
critical
10.0
2004-12-06 CVE-2004-0627 Unspecified vulnerability in Mysql 4.1.0
The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
network
low complexity
mysql
critical
10.0