Description
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Product(s):
- Oracle MySQL
- Oracle MySQL 1.5.1
- Oracle MySQL 3.20.32a
- Oracle MySQL 3.20
- Oracle MySQL 3.21
- Oracle MySQL 3.22.26
- Oracle MySQL 3.22.27
- Oracle MySQL 3.22.28
- Oracle MySQL 3.22.29
- Oracle MySQL 3.22.30
- Oracle MySQL 3.22.32
- Oracle MySQL 3.22
- Oracle MySQL 3.23.0 Alpha
- Oracle MySQL 3.23.10
- Oracle MySQL 3.23.11
- Oracle MySQL 3.23.12
- Oracle MySQL 3.23.13
- Oracle MySQL 3.23.14
- Oracle MySQL 3.23.15
- Oracle MySQL 3.23.16
- Oracle MySQL 3.23.17
- Oracle MySQL 3.23.18
- Oracle MySQL 3.23.19
- Oracle MySQL 3.23.1
- Oracle MySQL 3.23.20 Beta
- Oracle MySQL 3.23.21
- Oracle MySQL 3.23.22
- Oracle MySQL 3.23.23
- Oracle MySQL 3.23.24
- Oracle MySQL 3.23.25
- Oracle MySQL 3.23.26
- Oracle MySQL 3.23.27
- Oracle MySQL 3.23.28
- Oracle MySQL 3.23.28 Gamma
- Oracle MySQL 3.23.29
- Oracle MySQL 3.23.2
- Oracle MySQL 3.23.30
- Oracle MySQL 3.23.31
- Oracle MySQL 3.23.32
- Oracle MySQL 3.23.33
- Oracle MySQL 3.23.34
- Oracle MySQL 3.23.35
- Oracle MySQL 3.23.36
- Oracle MySQL 3.23.37
- Oracle MySQL 3.23.38
- Oracle MySQL 3.23.39
- Oracle MySQL 3.23.3
- Oracle MySQL 3.23.40
- Oracle MySQL 3.23.41
- Oracle MySQL 3.23.42
- Oracle MySQL 3.23.43
- Oracle MySQL 3.23.44
- Oracle MySQL 3.23.45
- Oracle MySQL 3.23.46
- Oracle MySQL 3.23.47
- Oracle MySQL 3.23.48
- Oracle MySQL 3.23.49
- Oracle MySQL 3.23.4
- Oracle MySQL 3.23.5
- Oracle MySQL 3.23.6
- Oracle MySQL 3.23.7
- Oracle MySQL 3.23.8
- Oracle MySQL 3.23.9
- Oracle MySQL 3.23
- Oracle MySQL 4.0.0
- Oracle MySQL 4.0.1
- Oracle MySQL 4.0.2
Questions to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2002-0969, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-0969 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.
References:
- http://webappsec.pbworks.com/Buffer-Overflow
- https://capec.mitre.org/data/definitions/10.html
- https://capec.mitre.org/data/definitions/100.html
- https://capec.mitre.org/data/definitions/14.html
- https://capec.mitre.org/data/definitions/24.html
- https://capec.mitre.org/data/definitions/42.html
- https://capec.mitre.org/data/definitions/44.html
- https://capec.mitre.org/data/definitions/45.html
- https://capec.mitre.org/data/definitions/46.html
- https://capec.mitre.org/data/definitions/47.html
- https://capec.mitre.org/data/definitions/67.html
- https://capec.mitre.org/data/definitions/8.html
- https://capec.mitre.org/data/definitions/9.html
- https://capec.mitre.org/data/definitions/92.html
- https://nvd.nist.gov/vuln/detail/CVE-2002-0969