CVE-2004-0837 — Oracle Mysql vulnerability

5 documents5 sources

Severity

2.6LOWNVD

EPSS

2.4%

top 15.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql Debian Linux Mysql

Timeline

PublishedNov 3

Latest updateApr 29

Description

MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/mysql3.20 — 3.23.49+1

▶NVDmysql/mysql4.1.0

Also affects: Debian Linux 3.0

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-8p34-xxjh-4hrg: MySQL 4↗2022-04-29

▶

📋Vendor Advisories

Ubuntu

mysql vulnerabilities↗2004-11-25

▶

Red Hat

security flaw↗2004-01-15

▶

💬Community

Bugzilla

CVE-2004-0837 security flaw↗2018-08-16

▶