Vulnerability Details : CVE-2002-0969
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2002-0969
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 33 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-0969
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2002-0969
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
References for CVE-2002-0969
-
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0004.html
Broken Link;Exploit;Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/5853
Broken Link;Third Party Advisory;VDB Entry
-
http://www.iss.net/security_center/static/10243.php
Broken Link;Vendor Advisory
-
http://www.westpoint.ltd.uk/advisories/wp-02-0003.txt
Broken Link
-
http://marc.info/?l=bugtraq&m=103358628011935&w=2
'wp-02-0003: MySQL Locally Exploitable Buffer Overflow' - MARCMailing List
-
http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.x
fw_error_wwwBroken Link
Products affected by CVE-2002-0969
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*