Описание
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.htmlThird Party Advisory
- Release Notes
- Issue TrackingPatch
- Issue TrackingPatch
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.htmlThird Party Advisory
- Release Notes
- Issue TrackingPatch
- Issue TrackingPatch
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
Связанные уязвимости
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Use-after-free vulnerability in the my_login function in DBD::mysql be ...
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Уязвимость операционной системы Debian GNU/Linux и драйвера DBD::mysql, позволяющая нарушителю оказать неопределённое воздействие
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2