CVE-2006-1518

critical

Description

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26232

http://www.wisec.it/vulns.php?page=8

http://www.vupen.com/english/advisories/2006/1633

http://www.securityfocus.com/bid/17780

http://www.securityfocus.com/archive/1/432734/100/0/threaded

http://www.novell.com/linux/security/advisories/2006-06-02.html

http://www.kb.cert.org/vuls/id/602457

http://www.debian.org/security/2006/dsa-1079

http://www.debian.org/security/2006/dsa-1073

http://www.debian.org/security/2006/dsa-1071

http://securitytracker.com/id?1016016

http://securityreason.com/securityalert/839

http://secunia.com/advisories/20762

http://secunia.com/advisories/20457

http://secunia.com/advisories/20333

http://secunia.com/advisories/20253

http://secunia.com/advisories/20241

http://secunia.com/advisories/19929

http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939

Details

Source: Mitre, NVD

Published: 2006-05-05

Updated: 2019-12-17

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics