Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2008-7247 |
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink. Published: November 30, 2009; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.0 MEDIUM |
CVE-2009-0819 |
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. Published: March 04, 2009; 9:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2008-3963 |
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement. Published: September 10, 2008; 9:13:47 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2008-0226 |
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. Published: January 10, 2008; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-2583 |
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. Published: May 09, 2007; 8:19:00 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |