Vulnerabilities > Oracle > Mysql > 4.0.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-03 | CVE-2012-0583 | Remote MySQL Server vulnerability in Oracle MySQL Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. | 4.0 |
2010-07-13 | CVE-2010-2008 | Command Injection vulnerability in multiple products MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . | 3.5 |
2009-07-13 | CVE-2009-2446 | USE of Externally-Controlled Format String vulnerability in multiple products Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. | 8.5 |
2007-05-10 | CVE-2007-2583 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. | 4.0 |
2006-08-18 | CVE-2006-4226 | MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | 3.6 |
2006-08-09 | CVE-2006-4031 | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. | 2.1 |
2006-05-05 | CVE-2006-1517 | Remote Information Disclosure and Buffer Overflow vulnerability in MySQL sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. | 5.0 |
2006-05-05 | CVE-2006-1516 | Remote Information Disclosure and Buffer Overflow vulnerability in MySQL The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | 5.0 |
2005-08-16 | CVE-2005-2558 | Buffer Overflow vulnerability in MySQL User-Defined Function Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. | 4.6 |
2005-05-02 | CVE-2005-0711 | Remote vulnerability in MySQL AB MySQL MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. | 2.1 |