CVE-2003-0073 — Oracle Mysql vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

1.3%

top 20.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql

Timeline

PublishedFeb 19

Latest updateApr 29

Description

Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/mysql8 versions+7

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-5r59-c396-qwfm: Double-free vulnerability in mysqld for MySQL before 3↗2022-04-29

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-01-23

▶

💬Community

Bugzilla

CVE-2003-0073 security flaw↗2018-08-16

▶