Description

libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Remediation

References

CVE-2002-1376

Related Vulnerabilities

WordPress Plugin Twenty20 Image Before-After Malicious Code (1.6.3)

Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)

Oracle Database Server CVE-2015-2599 Vulnerability (CVE-2015-2599)

Oracle Database Server CVE-2008-2608 Vulnerability (CVE-2008-2608)

WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13)

Severity

High

Classification

CVE-2002-1376

Tags

Missing Update Known Vulnerabilities