MySQL.MaxDB.WebSQL.Password.Buffer.Overflow

Description

This indicates a possible exploit of a buffer overflow vulnerability in the websql CGI program of MySQL MaxDB. The vulnerability may allow remote attackers to execute arbitrary code via a long password parameter.

Affected Products

MySQL AB MaxDB 7.5.00.16
MySQL AB MaxDB 7.5.00.15
MySQL AB MaxDB 7.5.00.14
MySQL AB MaxDB 7.5.00.12
MySQL AB MaxDB 7.5.00.11
MySQL AB MaxDB 7.5.00.08
MySQL AB MaxDB 7.5.00

Impact

System compromise: remote code execution.

Recommended Actions

The vendor has addressed this issue in MaxDB 7.5.00.18 and subsequent versions.
MySQL AB MaxDB 7.5.00.14
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00.11
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00.15
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00.08
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00.12
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
MySQL AB MaxDB 7.5.00.16
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html

Coverage

IPS (Regular DB)
IPS (Extended DB)