Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2004-0836)

Description

Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).

Remediation

References

Related Vulnerabilities

WordPress Plugin HTML5 jQuery Audio Player Multiple Cross-Site Scripting Vulnerabilities (2.3)

WordPress Plugin Custom Field Suite Cross-Site Request Forgery (2.5.15)

Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-15588)

WordPress Plugin Simple Download Monitor Multiple Cross-Site Request Forgery Vulnerabilities (3.9.8)

Oracle Database Server CVE-2018-3259 Vulnerability (CVE-2018-3259)

Severity

Critical

Classification

CVE-2004-0836 CWE-119

Tags

Missing Update Known Vulnerabilities