Description

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

Remediation

References

CVE-2002-0969

Related Vulnerabilities

Oracle Database Server CVE-2014-6563 Vulnerability (CVE-2014-6563)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8627)

OpenSSL Resource Management Errors Vulnerability (CVE-2014-3506)

Internet Information Services Other Vulnerability (CVE-1999-0412)

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2020-11080)

Severity

Medium

Classification

CVE-2002-0969

Tags

Missing Update Known Vulnerabilities