exploitDog

GHSA-qg5c-7q7p-mwc6

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash () character.

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash () character.

Ссылки

EPSS

Процентиль: 71%

0.00695

Низкий

CVE ID

Связанные уязвимости

CVE-2005-2573

ubuntu

около 20 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

CVE-2005-2573

nvd

около 20 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

CVE-2005-2573

debian

около 20 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before ...

EPSS

Процентиль: 71%

0.00695

Низкий

CVE ID