MySQL 4.0.23 and previous versions, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle mysql 4.0.11 |
||
oracle mysql 4.0.20 |
||
oracle mysql 4.0.21 |
||
oracle mysql 4.0.7 |
||
oracle mysql 4.0.8 |
||
oracle mysql 4.1.2 |
||
mysql mysql 4.1.3 |
||
oracle mysql 4.0.1 |
||
oracle mysql 4.0.10 |
||
oracle mysql 4.0.18 |
||
oracle mysql 4.0.2 |
||
oracle mysql 4.0.5a |
||
oracle mysql 4.0.6 |
||
oracle mysql 4.1.0 |
||
mysql mysql 4.1.10 |
||
oracle mysql 4.0.12 |
||
oracle mysql 4.0.13 |
||
oracle mysql 4.0.23 |
||
oracle mysql 4.0.3 |
||
oracle mysql 4.0.9 |
||
oracle mysql 4.1.3 |
||
oracle mysql 4.1.4 |
||
oracle mysql 3.23.49 |
||
oracle mysql 4.0.0 |
||
oracle mysql 4.0.14 |
||
oracle mysql 4.0.15 |
||
oracle mysql 4.0.4 |
||
oracle mysql 4.0.5 |
||
mysql mysql 4.1.0 |
||
oracle mysql 4.1.5 |