Vulnerability-Lookup

CVE-2009-2446 (GCVE-0-2009-2446)

Vulnerability from cvelistv5 – Published: 2009-07-13 17:00 – Updated: 2024-08-07 05:52

Summary

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

GSD-2009-2446

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-2446

Aliases

CVE-2009-2446

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-2446",
    "description": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information.",
    "id": "GSD-2009-2446",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-2446.html",
      "https://www.debian.org/security/2009/dsa-1877",
      "https://access.redhat.com/errata/RHSA-2010:0110",
      "https://access.redhat.com/errata/RHSA-2009:1461",
      "https://access.redhat.com/errata/RHSA-2009:1289",
      "https://linux.oracle.com/cve/CVE-2009-2446.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-2446"
      ],
      "details": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information.",
      "id": "GSD-2009-2446",
      "modified": "2023-12-13T01:19:46.900644Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-2446",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "USN-1397-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "name": "20090708 MySQL \u003c= 5.0.45 post auth format string vulnerability",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html"
          },
          {
            "name": "20090708 MySQL \u003c= 5.0.45 post auth format string vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/504799/100/0/threaded"
          },
          {
            "name": "38517",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38517"
          },
          {
            "name": "USN-897-1",
            "refsource": "UBUNTU",
            "url": "http://ubuntu.com/usn/usn-897-1"
          },
          {
            "name": "RHSA-2009:1289",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html"
          },
          {
            "name": "APPLE-SA-2010-03-29-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "name": "1022533",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1022533"
          },
          {
            "name": "55734",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/55734"
          },
          {
            "name": "oval:org.mitre.oval:def:11857",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857"
          },
          {
            "name": "ADV-2009-1857",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1857"
          },
          {
            "name": "http://support.apple.com/kb/HT4077",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "name": "mysql-dispatchcommand-format-string(51614)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51614"
          },
          {
            "name": "MDVSA-2009:179",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:179"
          },
          {
            "name": "35609",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35609"
          },
          {
            "name": "RHSA-2010:0110",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0110.html"
          },
          {
            "name": "35767",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35767"
          },
          {
            "name": "36566",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36566"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2446"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-134"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35767",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35767"
            },
            {
              "name": "55734",
              "refsource": "OSVDB",
              "tags": [
                "Patch"
              ],
              "url": "http://www.osvdb.org/55734"
            },
            {
              "name": "1022533",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1022533"
            },
            {
              "name": "20090708 MySQL \u003c= 5.0.45 post auth format string vulnerability",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html"
            },
            {
              "name": "35609",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/35609"
            },
            {
              "name": "ADV-2009-1857",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1857"
            },
            {
              "name": "MDVSA-2009:179",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:179"
            },
            {
              "name": "RHSA-2010:0110",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0110.html"
            },
            {
              "name": "38517",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/38517"
            },
            {
              "name": "USN-897-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://ubuntu.com/usn/usn-897-1"
            },
            {
              "name": "APPLE-SA-2010-03-29-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4077",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4077"
            },
            {
              "name": "36566",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36566"
            },
            {
              "name": "RHSA-2009:1289",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html"
            },
            {
              "name": "mysql-dispatchcommand-format-string(51614)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51614"
            },
            {
              "name": "oval:org.mitre.oval:def:11857",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "20090708 MySQL \u003c= 5.0.45 post auth format string vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/504799/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-12-17T20:26Z",
      "publishedDate": "2009-07-13T17:30Z"
    }
  }
}

FKIE_CVE-2009-2446

Vulnerability from fkie_nvd - Published: 2009-07-13 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html	Exploit
cve@mitre.org	http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
cve@mitre.org	http://secunia.com/advisories/35767	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/36566
cve@mitre.org	http://secunia.com/advisories/38517
cve@mitre.org	http://securitytracker.com/id?1022533
cve@mitre.org	http://support.apple.com/kb/HT4077
cve@mitre.org	http://ubuntu.com/usn/usn-897-1
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
cve@mitre.org	http://www.osvdb.org/55734	Patch
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2009-1289.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2010-0110.html
cve@mitre.org	http://www.securityfocus.com/archive/1/504799/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/35609	Exploit
cve@mitre.org	http://www.ubuntu.com/usn/USN-1397-1
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1857
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35767	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36566
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38517
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1022533
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4077
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-897-1
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/55734	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2009-1289.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0110.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/504799/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35609	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1397-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1857
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857

Impacted products

Vendor	Product	Version
mysql	mysql	4.1.0
mysql	mysql	4.1.2
mysql	mysql	4.1.3
mysql	mysql	4.1.8
mysql	mysql	4.1.10
mysql	mysql	4.1.12
mysql	mysql	4.1.13
mysql	mysql	4.1.14
mysql	mysql	4.1.15
mysql	mysql	4.1.23
mysql	mysql	5.0.0
mysql	mysql	5.0.1
mysql	mysql	5.0.2
mysql	mysql	5.0.3
mysql	mysql	5.0.4
mysql	mysql	5.0.5
mysql	mysql	5.0.5.0.21
mysql	mysql	5.0.10
mysql	mysql	5.0.15
mysql	mysql	5.0.16
mysql	mysql	5.0.17
mysql	mysql	5.0.20
mysql	mysql	5.0.22.1.0.1
mysql	mysql	5.0.24
mysql	mysql	5.0.30
mysql	mysql	5.0.36
mysql	mysql	5.0.44
mysql	mysql	5.0.54
mysql	mysql	5.0.56
mysql	mysql	5.0.60
mysql	mysql	5.0.66
mysql	mysql	5.0.82
oracle	mysql	4.0.0
oracle	mysql	4.0.1
oracle	mysql	4.0.2
oracle	mysql	4.0.3
oracle	mysql	4.0.4
oracle	mysql	4.0.5
oracle	mysql	4.0.5a
oracle	mysql	4.0.6
oracle	mysql	4.0.7
oracle	mysql	4.0.7
oracle	mysql	4.0.8
oracle	mysql	4.0.8
oracle	mysql	4.0.9
oracle	mysql	4.0.9
oracle	mysql	4.0.10
oracle	mysql	4.0.11
oracle	mysql	4.0.11
oracle	mysql	4.0.12
oracle	mysql	4.0.13
oracle	mysql	4.0.14
oracle	mysql	4.0.15
oracle	mysql	4.0.16
oracle	mysql	4.0.17
oracle	mysql	4.0.18
oracle	mysql	4.0.19
oracle	mysql	4.0.20
oracle	mysql	4.0.21
oracle	mysql	4.0.23
oracle	mysql	4.0.24
oracle	mysql	4.0.25
oracle	mysql	4.0.26
oracle	mysql	4.0.27
oracle	mysql	4.1.0
oracle	mysql	4.1.1
oracle	mysql	4.1.2
oracle	mysql	4.1.3
oracle	mysql	4.1.4
oracle	mysql	4.1.5
oracle	mysql	4.1.6
oracle	mysql	4.1.7
oracle	mysql	4.1.9
oracle	mysql	4.1.11
oracle	mysql	4.1.16
oracle	mysql	4.1.17
oracle	mysql	4.1.18
oracle	mysql	4.1.19
oracle	mysql	4.1.20
oracle	mysql	4.1.21
oracle	mysql	4.1.22
oracle	mysql	5.0.0
oracle	mysql	5.0.3
oracle	mysql	5.0.6
oracle	mysql	5.0.7
oracle	mysql	5.0.8
oracle	mysql	5.0.9
oracle	mysql	5.0.11
oracle	mysql	5.0.12
oracle	mysql	5.0.13
oracle	mysql	5.0.14
oracle	mysql	5.0.18
oracle	mysql	5.0.19
oracle	mysql	5.0.21
oracle	mysql	5.0.22
oracle	mysql	5.0.23
oracle	mysql	5.0.25
oracle	mysql	5.0.26
oracle	mysql	5.0.27
oracle	mysql	5.0.30
oracle	mysql	5.0.32
oracle	mysql	5.0.33
oracle	mysql	5.0.37
oracle	mysql	5.0.38
oracle	mysql	5.0.41
oracle	mysql	5.0.42
oracle	mysql	5.0.45
oracle	mysql	5.0.50
oracle	mysql	5.0.51
oracle	mysql	5.0.51a
oracle	mysql	5.0.52
oracle	mysql	5.0.75
oracle	mysql	5.0.77
oracle	mysql	5.0.81
oracle	mysql	5.0.83

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEDB808-A8D8-403E-9103-AB486C793EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C6AAD13-3CA1-4543-834B-39FB53D4462D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1CEA0B-1234-4166-BD32-CCBB4016A9BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADBEDF5A-5205-4012-B9B8-0FA304E7119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF35900-4051-4E07-9BFA-347BEAB8AB67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC969A5-52CC-44F2-A929-DE559A5D7624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4D224C-8ABF-41A0-A7BE-C10C2387DE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DD36E9E-89A0-42C2-AC50-7A5BC53B3D0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CE88F-2941-4A08-9472-359CF214F81C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1D0C0F-08EF-4AFA-BBEA-CCDF04F90E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC198CDB-CAC0-41DD-9FCD-42536E7FE11A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77A2761-2B44-4061-9C29-A54F90A1AD83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3AD851-056F-4E57-B85B-4AC5A5A20C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD24EA8C-4FCA-4F40-B2EA-7DFA49432483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "754B78F2-A03C-40BE-812B-F5E57B93D20B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "575039BD-A8B6-4459-B5F0-F220A94650EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA03768-74D2-4C5D-ABCF-8A91F9E6C273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "542B23CB-7535-4EF7-B926-466A5161A0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "45E686C3-4100-465C-9F45-068580B496E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9F09D8-6FAE-4A5B-AE04-248CD52C5FF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB618DB2-6B00-4E99-8232-937D2C51986B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "665E063D-355D-4A5A-A05F-36BF582DE36F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "214E3CF9-6362-4F5A-91B7-5E69564F7144",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C6CD84-EA5D-451F-AFC3-5F7094F0017D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF9271A-A816-44F6-A811-ECC1FB0993C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482D3D3-205C-495E-AF3A-E9C3018111F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "53853D65-F2C6-410F-9CF8-DED19B66BD4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "D927706B-565F-4152-8F86-AC85F1AA469F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0291F7-27D9-4634-9DD3-21827C1CC5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D54A38-E7A0-4B89-BBA5-D98D4D7FF3DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A7AFEB8-711B-4DED-A24E-38012F415FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "9369CF20-D05C-41A2-8F9E-DE259FCF9E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41BEAD26-ADDC-4FC6-A493-584315183936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "153E8DFB-4197-4117-87C6-C0FBE3C05600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "765BF98E-7AB1-45EA-9935-2C311E621211",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCDCB80C-60B8-468E-A689-2C9DFF1F51C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "22408224-0634-4CC6-888F-892E9D932CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2646B4-593E-4AC9-8292-1AD805632DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD959AEC-EE71-4E86-9AD0-ED6FF45AC848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30EC061-A04C-4402-91A0-B7E8DA9DBA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5E12B3-F6CA-48CE-96C9-9B63EDB91C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "4D57E557-7F6D-4618-86AC-B10C08341900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ECE1A40-0603-421E-BCCF-111EC3C2BCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "B657610A-8EDB-407B-A81F-C3CDF2EF6ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC10CD2-B9A3-46DD-839E-C7FB6647155F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "E4D5D4B9-B831-4DDD-8FDD-3D14F167822A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC21395-4C78-4343-9452-578B24C2656D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BC82AF-5E80-4AE4-A765-9D3725D9E5F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "8CF2E25B-8689-4396-9C2B-99EEF4AB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5032D74E-CC8D-4217-AEF0-98DCD1820AE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46FEF7C-18DD-4C64-AFA3-0626A8CE2B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3340604-0D38-4494-847B-E9E8B0026A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC117BF1-3127-477A-9500-C9A32596ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC54D7B3-DC9B-43AC-BE10-565BDF292A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A7AC36-4E5D-483B-939E-257FDEDE48EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FED5BA55-FF4F-4F89-89B1-554624DDA1AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2CEF98-8561-42D2-BCE5-3AAE4DC81ACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "E00312DA-AB34-4E5B-AB7C-71AA3AD0AC8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A0C43BB-81C6-496F-AC7B-61382DE76B71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C9FF055-99BC-4E15-80C8-80FEF3CBA990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6ED2E0A-37C6-4BD2-87B0-FD3E6D0C2108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6132F5E-ADE6-44C2-85BD-17408594789F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B6779AC-EF41-46B5-8B26-07FA2537E5B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F038AF5-C96C-43EE-9D46-1DD8CAF567EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "1D3D4850-19F0-4FAF-B0DE-09ECBE6DCF92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24BD3CF-0047-47F8-8B13-E2A6348E3924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "BB7196E5-8483-4872-A78A-8BE7EC551CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "14DDA057-D211-42BD-B8AF-F250F1C5B88C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "32CA2F70-77E4-4280-B845-4CE5774162C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA788329-9A66-49EA-B7E4-E465C0E7E320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C06765-D153-4D4D-B8CD-DB2E386E082B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4297E6B7-6C5A-4D52-A66B-F9D1AE17E988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "141D83A9-89C2-456F-B70D-F274EBE3EAC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0670E6AA-28B1-4B0C-84F9-F3F9F3E6ABDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6769975-47A4-4D0A-9181-F59776D13D38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E942FA-A458-4607-B48D-FCA112AFF1CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E241159-FAA4-4DCF-AB68-BE36DF95D59A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6995B6-B594-454B-BD26-EACFB8241DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC14E107-7C11-4D5B-994B-CCACFD62097E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8105AE3-7FF6-43C5-9B47-29ACD4DD7C3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BA51FF-B163-4522-8D78-AF9C05D50511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "19001041-22C4-4D2C-A918-378DACBB1DF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "6F610D56-6BB6-48FB-B43A-670CE9168500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1668BB5B-E7FB-4430-B8D5-89E308F5DD39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F44DA1-1509-4AC7-AB6B-2B2A834A16AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A2D6DF6-FE5D-428F-BCEB-E7832C2B4FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7777E919-FD4B-452B-88D7-165410C703F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56ACB60-EC2C-45AF-B923-B3A90A2F7AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C52D66-3BCA-4854-BF09-CB6DF1AC0E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF54CC8D-B736-461D-B693-686E862EF969",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E5EADE4-9E1B-4A1C-B3B5-ACF1287A19E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "053ACE9B-A146-42C0-ADB2-47F6119965D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B4F891-2A03-45A8-A49C-7F8B8F7D8407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "69E62AC4-954E-476C-98BE-C138E328AE7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B88385C-F5FB-401F-80D5-5BF11CE3C19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA586E2B-A349-47C8-A17C-DA9016C6C3B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30CA14C-AE28-4D9A-B53D-B7C28D3BA56B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "811780EA-8805-41A6-A920-A201CCC80790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "11873AEA-5D6C-4AC0-915A-8A2869B2EFF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A7753CE5-61C4-4FBC-BB60-F7D4493E76E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC2EB4-2C8D-4EF7-83A6-CBE6FF759DD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "5965032E-5BC0-4E69-B097-F9EE2B24C861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F21A5A-F9C0-4860-80AD-1D3937483F28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "B54F660F-AE43-4F3B-8935-5712CAE860A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "4413BB52-6FBD-4C12-8864-ADDC65E45B25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B49F9BA-560B-40AE-9457-436830CDD371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "F53A8437-C61A-4203-B341-B5596569E50B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1435669-9BDA-40D4-BB30-C8AE1C3E7649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EBAE3C-F24D-4935-96BF-9541EC03B8F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD39950F-FBBF-4505-8FB5-EEF2886095F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA95EE27-389A-4068-AAC1-AD64DD6BB006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FA3E354-4366-46B5-ACD2-E72D0C8320A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C002047-0FB1-4DC6-9108-B4B5AAFAC16A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "584C0690-2826-4389-95AD-42048AEE1916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB85180-0F28-4281-BB59-E3F29BE25C9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de formato de cadena en la funci\u00f3n dispatch_command en libmysqld/sql_parse.cc en mysqld de MySQL v4.0.0 hasta v5.0.83 permiten a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (mediante ca\u00edda del demonio) y, posiblemente otros efectos no especificados, a trav\u00e9s de especificadores de formato de cadena en el nombre de base de datos en una petici\u00f3n (1) COM_CREATE_DB o (2) COM_DROP_DB. NOTA: Algunos de estos detalles se obtienen a partir de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2009-2446",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-07-13T17:30:00.217",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35767"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36566"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38517"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1022533"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://ubuntu.com/usn/usn-897-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:179"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/55734"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0110.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/504799/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/35609"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-1397-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1857"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51614"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1022533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-897-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/55734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0110.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/504799/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/35609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1397-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2446\n\nThis issue was addressed for Red hat Enterprise Linux 5 by https://rhn.redhat.com/errata/RHSA-2009-1289.html and Red Hat Enterprise Linux 4 by https://rhn.redhat.com/errata/RHSA-2010-0110.html .\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, future MySQL package updates may address this flaw for Red Hat Enterprise Linux 3 and Red Hat Application Stack 2.",
      "lastModified": "2010-02-17T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-Q8WR-MC75-9WJP

Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2022-05-02 03:35

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-2446"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-134"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-07-13T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.  NOTE: some of these details are obtained from third party information.",
  "id": "GHSA-q8wr-mc75-9wjp",
  "modified": "2022-05-02T03:35:19Z",
  "published": "2022-05-02T03:35:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2446"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51614"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35767"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36566"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38517"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1022533"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "type": "WEB",
      "url": "http://ubuntu.com/usn/usn-897-1"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:179"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/55734"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1289.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0110.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/504799/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35609"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1397-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1857"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2010-AVI-143

Vulnerability from certfr_avis - Published: 2010-03-30 - Updated: 2010-03-30

De multiples vulnérabilités ont été corrigées dans Mac OS X.

Description

Plusieurs vulnérabilités ont été corrigées dans Mac OS X. Elles permettent entre autres l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	macOS	Mac OS X 10.5 ;
Apple	macOS	Mac OS X 10.6 ;
Apple	macOS	Mac OS X Server 10.5 ;
Apple	macOS	Mac OS X Server 10.6.

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-2446 (GCVE-0-2009-2446)

GSD-2009-2446

FKIE_CVE-2009-2446

GHSA-Q8WR-MC75-9WJP

CERTA-2010-AVI-143

Description

Solution

Tags

Sightings

Nomenclature