Description

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

Remediation

References

CVE-2002-0969

Related Vulnerabilities

ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075)

Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.3)

MySQL CVE-2015-0503 Vulnerability (CVE-2015-0503)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)

WordPress Plugin Images to WebP Multiple Vulnerabilities (1.8)

Severity

Medium

Classification

CVE-2002-0969

Tags

Missing Update Known Vulnerabilities