CVE-2003-1331 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Mysql

3 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

1.9%

top 16.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql

Timeline

PublishedDec 31

Latest updateApr 29

Description

Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.

CVSS vector

AV:N/AC:H/C:N/I:P/A:PExploitability: 4.9 | Impact: 4.9

Affected Packages1 packages

▶NVDoracle/mysql4.0.9

🔴Vulnerability Details

GHSA

GHSA-w3vj-p2cf-85rg: Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4↗2022-04-29

▶

📋Vendor Advisories

Red Hat

CVE-2003-1331: Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4↗

▶