| 9! | Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
|
 | | Quarterly CPU fixes nearly 80 different vulnerabilities |
| | MySQL table drop
|
| | Under some conditions, files related to different table may be removed on dropping MyISAM table. |
| | MySQL multiple security vulnerabilities
|
| | Certificate spoofing, privilege escalation, DoS. |
| | MySQL format string vulnerabilities
|
| | COM_CREATE_DB, COM_DROP_DB format string vulnerabilities |
| | MySQL COM_CREATE_DB format string vulnerability
|
| | Format string vulnerability via databse name. |
| | MySQL dynamic functions loading vulnerability
|
| | It's possible to load dynamic library from any location; functions are still available after library is unloaded. |
| | MySQL privilege escalation
updated since 22.07.2008
|
| | It's possible to specify file of different database in CREATE TABLE. |
| | MySQL SHOW TABLE STATUS DoS |
| | | |
| | MySQL DoS
|
| | Invalid assertion on CONTAINS processing. |
| 6! | MySQL multiple security vulnerabilities
|
| | Denial of service, privilege escalation. |
| | MySQL multiple security vulnerabilities
|
| | CREATE TABLE LIKE privilege escalation, server crash on authentication. |
| | MySQL RENAME privilege escalation
|
| | DROP permission is not checked during RENAME operation. |
| | MySQl database server DoS
|
| | Division by zero and NULL-pointer dereference on malcrafted IF condition. |
| | MySQL subselect DoS
|
| | NULL pointer dereference if string function is applied to select with "order by" result. |
| 6! | Multiple MySQL security vulnerabilities
|
| | Privilege escalation with stored routine, privilege escalation with creating a database with the name different only in case from existing one. |
| | MySQL MERGE tables privilege escalation
|
| | User may retain acces to MERGE table after access to original table is revoked. |
| | MySQL DoS
|
| | "select str_to_date( 1, NULL );" request causes database server to crash. |
| 7! | Multiple MySQL security vulnerabilities
|
| | Memory content leak during authentication, memory content leak and code execution with COM_TABLE_DUMP packets. |
| | MySQL information_schema view information leak
|
| | User can discover request used for view regardless of permissions with SELECT * FROM information_schema.views. |
| 6! | MySQL buffer overflow
|
| | init_syms function stack-based buffer overflow. |
| 6! | MySQL user defined functions multiple vulnerabilities
|
| | Buffer overflow on oversized user defined function name. DoS, directory traversal and privilege escalation on external functions invocation. |
| | MySQL symbolic links problem
updated since 19.08.2004
|
| | mysqlhotcopy, mysqlaccess unsafe temporary files creation. |
| 7! | MySQL unauthorized access
|
| | During password check length of the user-supplied password is used. |
| | mysqlbug symbolic links problem
|
| | Symbolic links problem during bugreport saving. |
| | |
