Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1518Improper Restriction of Operations within the Bounds of a Memory Buffer in Mysql

4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
42.8%
top 2.51%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
MysqlOracle Mysql
Timeline
PublishedMay 5
Latest updateMay 1

Description

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages2 packages

NVDmysql/mysql10 versions+9
NVDoracle/mysql12 versions+11

Patches

Patch: bugs.debian.orgPatch: dev.mysql.comPatch: secunia.com

🔴Vulnerability Details

1
GHSA
GHSA-h32j-3wm9-j393: Buffer overflow in the open_table function in sql_base2022-05-01

💥Exploits & PoCs

1
Exploit-DB
MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow2006-05-02

💬Community

1
Bugzilla
CVE-2006-1518 Mysql buffer overflow2006-05-05
CVE-2006-1518 — Mysql vulnerability | cvebase