Vulnerability Description
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mysql | Mysql | 5.0.1 |
| Oracle | Mysql | 5.0.0 |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939 (Patch)
- http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html (Patch)
- http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
- http://secunia.com/advisories/19929 (Patch, Vendor Advisory)
- http://secunia.com/advisories/20241
- http://secunia.com/advisories/20253
- http://secunia.com/advisories/20333
- http://secunia.com/advisories/20457
- http://secunia.com/advisories/20762
- http://securityreason.com/securityalert/839
- http://securitytracker.com/id?1016016 (Patch)
- http://www.debian.org/security/2006/dsa-1071
- http://www.debian.org/security/2006/dsa-1073
- http://www.debian.org/security/2006/dsa-1079
- http://www.kb.cert.org/vuls/id/602457 (Patch, Third Party Advisory, US Government Resource)
FAQ
What is CVE-2006-1518?
CVE-2006-1518 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length valu...
How severe is CVE-2006-1518?
CVE-2006-1518 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1518?
Check the references section above for vendor advisories and patch information. Affected products include: Mysql Mysql, Oracle Mysql.