Description

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

Remediation

References

CVE-2002-0969

Related Vulnerabilities

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0791)

WordPress Plugin CiviCRM Security Bypass (5.35.1)

PHP Use After Free Vulnerability (CVE-2016-7479)

phpMyAdmin Improper Input Validation Vulnerability (CVE-2011-3646)

WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)

Severity

Medium

Classification

CVE-2002-0969

Tags

Missing Update Known Vulnerabilities