Vulnerability Details : CVE-2006-3469

Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.

Vulnerability category: OverflowDenial of service

Published 2006-07-21 14:03:00

Updated 2019-12-17 20:16:23

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-3469

Probability of exploitation activity in the next 30 days: 93.18%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-3469

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.0	MEDIUM	AV:N/AC:L/Au:S/C:N/I:N/A:P	8.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2006-3469

CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Assigned by: [email protected] (Primary)

Vendor statements for CVE-2006-3469

Red Hat 2008-07-25

This issue was addressed in mysql packages as shipped in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2008-0768.html This issue did not affect mysql packages as shipped with Red Hat Enterprise Linux 2.1, 3, or 5, and Red Hat Application Stack v1 and v2.

References for CVE-2006-3469

Products affected by CVE-2006-3469

Oracle » Mysql » Version: 4.1.9
cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.18
cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.16
cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.6
cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.7
cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.12
cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.13
cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.11
cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.18
cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.19
cpe:2.3:a:oracle:mysql:4.1.19:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.6
cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.9
cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.11
cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.0.19
cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 4.1.20
cpe:2.3:a:oracle:mysql:4.1.20:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 4.1.12
cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 4.1.13
cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 4.1.8
cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.15
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.16
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.17
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 4.1.14
cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 4.1.15
cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.10
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql » Version: 5.0.5.0.21
cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*
Matching versions