Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2005-2573

Опубликовано: 16 авг. 2005
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash () character.

РелизСтатусПримечание
dapper

not-affected

devel

DNE

edgy

not-affected

feisty

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 71%
0.00695
Низкий

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2005-2573

nvd
около 20 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

debian логотип

CVE-2005-2573

debian
около 20 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before ...

github логотип

GHSA-qg5c-7q7p-mwc6

github
больше 3 лет назад

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.

EPSS

Процентиль: 71%
0.00695
Низкий

5 Medium

CVSS2