Vulnerabilities > Oracle > Mysql > 5.0.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-01 | CVE-2006-2753 | SQL Injection vulnerability in MySQL Mysql_real_escape Function SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | 7.5 |
2006-05-05 | CVE-2006-1518 | Remote Information Disclosure and Buffer Overflow vulnerability in MySQL Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values. | 6.5 |
2006-05-05 | CVE-2006-1517 | Remote Information Disclosure and Buffer Overflow vulnerability in MySQL sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. | 5.0 |
2006-05-05 | CVE-2006-1516 | Remote Information Disclosure and Buffer Overflow vulnerability in MySQL The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | 5.0 |