The MySQL server is be prone to a buffer overflow when copying the name of a user-defined function into a stack-based buffer.
Exploiting this vulnerability would require the ability to create user-defined functions. This is not typically granted to untrusted users, however given this vulnerability you should understand the ramifications of granting the ability to create user-defined functions.
- Upgrade the MySQL server to the latest version.
- MySQL 5.1 to 5.1.18 multiple vulnerabilities
- WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)
- WordPress Plugin Comment Rating 'id' Parameter SQL Injection (2.9.23)
- WordPress Plugin WordPress Calls to Action Multiple Cross-Site Scripting Vulnerabilities (2.5.0)
- WordPress Plugin Redirection PHP Object Injection (2.7.3)