Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2002-1373

Published: 23/12/2002 Updated: 07/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Oracle

Vulnerability Summary

Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x prior to 3.23.54 allows remote malicious users to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql 3.22.29

oracle mysql 3.22.30

oracle mysql 3.23.26

oracle mysql 3.23.27

oracle mysql 3.23.28

oracle mysql 3.23.37

oracle mysql 3.23.38

oracle mysql 3.23.44

oracle mysql 3.23.45

oracle mysql 3.23.52

oracle mysql 3.23.53

oracle mysql 4.0.3

oracle mysql 4.0.5a

oracle mysql 3.22.32

oracle mysql 3.23.10

oracle mysql 3.23.29

oracle mysql 3.23.3

oracle mysql 3.23.39

oracle mysql 3.23.4

oracle mysql 3.23.46

oracle mysql 3.23.47

oracle mysql 3.23.53a

oracle mysql 3.23.8

oracle mysql 3.22.26

oracle mysql 3.23.2

oracle mysql 3.23.23

oracle mysql 3.23.30

oracle mysql 3.23.31

oracle mysql 3.23.40

oracle mysql 3.23.41

oracle mysql 3.23.48

oracle mysql 3.23.49

oracle mysql 3.23.9

oracle mysql 4.0.0

oracle mysql 3.22.27

oracle mysql 3.22.28

oracle mysql 3.23.24

oracle mysql 3.23.25

oracle mysql 3.23.34

oracle mysql 3.23.36

oracle mysql 3.23.42

oracle mysql 3.23.43

oracle mysql 3.23.5

oracle mysql 3.23.50

oracle mysql 3.23.51

oracle mysql 4.0.1

oracle mysql 4.0.2

Vendor Advisories

Debian Security Advisories: DSA-212-1 mysql -- multiple problems
While performing an audit of MySQL e-matters found several problems: signed/unsigned problem in COM_TABLE_DUMP Two sizes were taken as signed integers from a request and then cast to unsigned integers without checking for negative numbers Since the resulting numbers where used for a memcpy() operation this could lead to memory corrupti ...

References

NVD-CWE-Otherhttp://security.e-matters.de/advisories/042002.htmlhttp://www.securityfocus.com/bid/6368http://www.redhat.com/support/errata/RHSA-2002-288.htmlhttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555http://www.debian.org/security/2002/dsa-212http://www.securityfocus.com/advisories/5269http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:087http://www.redhat.com/support/errata/RHSA-2002-289.htmlhttp://www.redhat.com/support/errata/RHSA-2003-166.htmlhttp://www.novell.com/linux/security/advisories/2003_003_mysql.htmlhttp://www.trustix.net/errata/misc/2002/TSL-2002-0086-mysql.asc.txthttp://marc.info/?l=bugtraq&m=104004857201968&w=2http://marc.info/?l=bugtraq&m=103971644013961&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/10846https://nvd.nist.govhttps://www.debian.org/security/./dsa-212
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook