CVE-2009-2446
Vulnerability Summary
Timeline
Description
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
CVSS Metrics
- v2.0•HIGH•Score: 8.5AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS Trends
Current EPSS score: 7.27%• Percentile: 92%
Techniques & Countermeasures
- CWE-134•Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Affected Systems
- mysql•mysql
4.1.0 | 4.1.2 | 4.1.3 | 4.1.8 | 4.1.10 | 4.1.12 | 4.1.13 | 4.1.14 | 4.1.15 | 4.1.23 | 5.0.0 | 5.0.1 | 5.0.2 | 5.0.3 | 5.0.4 | 5.0.5 | 5.0.5.0.21 | 5.0.10 | 5.0.15 | 5.0.16 | 5.0.17 | 5.0.20 | 5.0.22.1.0.1 | 5.0.24 | 5.0.30 | 5.0.36 | 5.0.44 | 5.0.54 | 5.0.56 | 5.0.60 | 5.0.66 | 5.0.82
- oracle•mysql
4.0.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.0.5 | 4.0.5a | 4.0.6 | 4.0.7 | 4.0.7:gamma | 4.0.8 | 4.0.8:gamma | 4.0.9 | 4.0.9:gamma | 4.0.10 | 4.0.11 | 4.0.11:gamma | 4.0.12 | 4.0.13 | 4.0.14 | 4.0.15 | 4.0.16 | 4.0.17 | 4.0.18 | 4.0.19 | 4.0.20 | 4.0.21 | 4.0.23 | 4.0.24 | 4.0.25 | 4.0.26 | 4.0.27 | 4.1.0:alpha | 4.1.1 | 4.1.2:alpha | 4.1.3:beta | 4.1.4 | 4.1.5 | 4.1.6 | 4.1.7 | 4.1.9 | 4.1.11 | 4.1.16 | 4.1.17 | 4.1.18 | 4.1.19 | 4.1.20 | 4.1.21 | 4.1.22 | 5.0.0:alpha | 5.0.3:beta | 5.0.6 | 5.0.7 | 5.0.8 | 5.0.9 | 5.0.11 | 5.0.12 | 5.0.13 | 5.0.14 | 5.0.18 | 5.0.19 | 5.0.21 | 5.0.22 | 5.0.23 | 5.0.25 | 5.0.26 | 5.0.27 | 5.0.30:sp1 | 5.0.32 | 5.0.33 | 5.0.37 | 5.0.38 | 5.0.41 | 5.0.42 | 5.0.45 | 5.0.50 | 5.0.51 | 5.0.51a | 5.0.52 | 5.0.75 | 5.0.77 | 5.0.81 | 5.0.83
References (18)
- http://www.ubuntu.com/usn/USN-1397-1
- http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html
- http://www.securityfocus.com/archive/1/504799/100/0/threaded
- http://secunia.com/advisories/38517
- http://ubuntu.com/usn/usn-897-1
- http://www.redhat.com/support/errata/RHSA-2009-1289.html
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://securitytracker.com/id?1022533
- http://www.osvdb.org/55734
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857
- http://www.vupen.com/english/advisories/2009/1857
- http://support.apple.com/kb/HT4077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
- http://www.securityfocus.com/bid/35609
- http://www.redhat.com/support/errata/RHSA-2010-0110.html
- http://secunia.com/advisories/35767
- http://secunia.com/advisories/36566