Description
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6563 Vulnerability (CVE-2014-6563)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8627)
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3506)
Internet Information Services Other Vulnerability (CVE-1999-0412)
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2020-11080)