Vulnerabilities > Oracle > Mysql > 3.23.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-03 | CVE-2012-0583 | Remote MySQL Server vulnerability in Oracle MySQL Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. | 4.0 |
2010-07-13 | CVE-2010-2008 | Command Injection vulnerability in multiple products MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . | 3.5 |
2007-05-10 | CVE-2007-2583 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. | 4.0 |
2006-08-09 | CVE-2006-4031 | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. | 2.1 |
2004-11-03 | CVE-2004-0836 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | 10.0 |
2004-11-03 | CVE-2004-0835 | Local vulnerability in MySQL MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. | 7.5 |
2004-09-28 | CVE-2004-0457 | Unspecified vulnerability in Oracle Mysql The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 4.6 |
2002-10-11 | CVE-2002-0969 | Classic Buffer Overflow vulnerability in Oracle Mysql Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | 7.8 |
2001-06-27 | CVE-2001-0407 | Symbolic Link File Overwriting vulnerability in MySQL Root Operation Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. | 4.6 |
2001-02-09 | CVE-2001-1454 | Unspecified vulnerability in Oracle Mysql Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request. | 7.5 |