- Home
- CVEs with nessus.description==Multiple vulnerabilities have been identified affecting MySQL, a
relational database server, and its associated interactive client
application. The Common Vulnerabilities and Exposures project
identifies the following two problems :
- CVE-2008-3963
Kay Roepke reported that the MySQL server would not
properly handle an empty bit-string literal in a SQL
statement, allowing an authenticated remote attacker to
cause a denial of service (a crash) in mysqld. This
issue affects the oldstable distribution (etch), but not
the stable distribution (lenny).
- CVE-2008-4456
Thomas Henlich reported that the MySQL commandline
client application did not encode HTML special
characters when run in HTML output mode (that is, 'mysql
--html ...'). This could potentially lead to cross-site
scripting or unintended script privilege escalation if
the resulting output is viewed in a browser or
incorporated into a website.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top