CVE-2006-2753 : Detail

CVE-2006-2753

0.42%V3
Network
2006-06-01
15h00 +00:00
2018-10-03
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Mysql>>Mysql >> Version 4.1.0

Mysql>>Mysql >> Version 4.1.2

Mysql>>Mysql >> Version 4.1.3

Mysql>>Mysql >> Version 4.1.8

Mysql>>Mysql >> Version 4.1.10

Mysql>>Mysql >> Version 4.1.12

Mysql>>Mysql >> Version 4.1.13

Mysql>>Mysql >> Version 4.1.14

Mysql>>Mysql >> Version 4.1.15

Mysql>>Mysql >> Version 5.0.0

Mysql>>Mysql >> Version 5.0.1

Mysql>>Mysql >> Version 5.0.2

Mysql>>Mysql >> Version 5.0.3

Mysql>>Mysql >> Version 5.0.4

Mysql>>Mysql >> Version 5.0.5

Mysql>>Mysql >> Version 5.0.10

Mysql>>Mysql >> Version 5.0.15

Mysql>>Mysql >> Version 5.0.16

Mysql>>Mysql >> Version 5.0.17

Mysql>>Mysql >> Version 5.0.20

Oracle>>Mysql >> Version 4.1.1

Oracle>>Mysql >> Version 4.1.4

Oracle>>Mysql >> Version 4.1.5

Oracle>>Mysql >> Version 4.1.6

Oracle>>Mysql >> Version 4.1.7

Oracle>>Mysql >> Version 4.1.9

Oracle>>Mysql >> Version 4.1.11

Oracle>>Mysql >> Version 4.1.16

Oracle>>Mysql >> Version 4.1.17

Oracle>>Mysql >> Version 4.1.18

Oracle>>Mysql >> Version 4.1.19

Oracle>>Mysql >> Version 5.0.6

Oracle>>Mysql >> Version 5.0.7

Oracle>>Mysql >> Version 5.0.8

Oracle>>Mysql >> Version 5.0.9

Oracle>>Mysql >> Version 5.0.11

Oracle>>Mysql >> Version 5.0.12

Oracle>>Mysql >> Version 5.0.13

Oracle>>Mysql >> Version 5.0.14

Oracle>>Mysql >> Version 5.0.18

Oracle>>Mysql >> Version 5.0.19

Oracle>>Mysql >> Version 5.0.21

References

http://www.debian.org/security/2006/dsa-1092
Tags : vendor-advisory, x_refsource_DEBIAN
http://lists.mysql.com/announce/364
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/20712
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:097
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/20541
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Tags : third-party-advisory, x_refsource_CERT
http://secunia.com/advisories/20562
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.trustix.org/errata/2006/0034/
Tags : vendor-advisory, x_refsource_TRUSTIX
http://www.gentoo.org/security/en/glsa/glsa-200606-13.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/20365
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20531
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2105
Tags : vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/18219
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/20489
Tags : third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1016216
Tags : vdb-entry, x_refsource_SECTRACK
https://usn.ubuntu.com/303-1/
Tags : vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2007/0930
Tags : vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/usn-288-3
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/20625
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0544.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24479
Tags : third-party-advisory, x_refsource_SECUNIA