- Home
- CVEs with nessus.description==Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application. The Common Vulnerabilities and Exposures project identifies the following two problems :
- CVE-2008-3963 Kay Roepke reported that the MySQL server would not properly handle an empty bit-string literal in a SQL statement, allowing an authenticated remote attacker to cause a denial of service (a crash) in mysqld. This issue affects the oldstable distribution (etch), but not the stable distribution (lenny).
- CVE-2008-4456 Thomas Henlich reported that the MySQL commandline client application did not encode HTML special characters when run in HTML output mode (that is, 'mysql
--html ...'). This could potentially lead to cross-site scripting or unintended script privilege escalation if the resulting output is viewed in a browser or incorporated into a website.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top