Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
There are 386 matching records.
Displaying matches 381 through 386.
Vuln ID Summary CVSS Severity
CVE-2004-0837

MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.

Published: November 03, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2004-0457

The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Published: September 28, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2004-0381

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.

Published: May 04, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2003-1331

Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2003-1480

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2003-0780

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

Published: September 22, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 9.0 HIGH