7.5

CVE-2002-1376

libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleMysql Version3.22.26
OracleMysql Version3.22.27
OracleMysql Version3.22.28
OracleMysql Version3.22.29
OracleMysql Version3.22.30
OracleMysql Version3.22.32
OracleMysql Version3.23.2
OracleMysql Version3.23.3
OracleMysql Version3.23.4
OracleMysql Version3.23.5
OracleMysql Version3.23.8
OracleMysql Version3.23.9
OracleMysql Version3.23.10
OracleMysql Version3.23.23
OracleMysql Version3.23.24
OracleMysql Version3.23.25
OracleMysql Version3.23.26
OracleMysql Version3.23.27
OracleMysql Version3.23.28
OracleMysql Version3.23.29
OracleMysql Version3.23.30
OracleMysql Version3.23.31
OracleMysql Version3.23.34
OracleMysql Version3.23.36
OracleMysql Version3.23.37
OracleMysql Version3.23.38
OracleMysql Version3.23.39
OracleMysql Version3.23.40
OracleMysql Version3.23.41
OracleMysql Version3.23.42
OracleMysql Version3.23.43
OracleMysql Version3.23.44
OracleMysql Version3.23.45
OracleMysql Version3.23.46
OracleMysql Version3.23.47
OracleMysql Version3.23.48
OracleMysql Version3.23.49
OracleMysql Version3.23.50
OracleMysql Version3.23.51
OracleMysql Version3.23.52
OracleMysql Version3.23.53
OracleMysql Version3.23.53a
OracleMysql Version4.0.0
OracleMysql Version4.0.1
OracleMysql Version4.0.2
OracleMysql Version4.0.3
OracleMysql Version4.0.5a
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.79% 0.932
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555
http://marc.info/?l=bugtraq&m=103971644013961&w=2
http://marc.info/?l=bugtraq&m=104004857201968&w=2
http://security.e-matters.de/advisories/042002.html
http://www.debian.org/security/2002/dsa-212
http://www.redhat.com/support/errata/RHSA-2002-288.html
http://marc.info/?l=bugtraq&m=104005886114500&w=2
http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=104033188706000&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2002:087
http://www.securityfocus.com/bid/6370
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6374
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/10849
https://exchange.xforce.ibmcloud.com/vulnerabilities/10850