← Back

CVE-2002-0969

nvd nist
Published: Oct 11, 2002Modified: Apr 16, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

Affected (2)

Products: Oracle: Mysql
Oracle
1 product
Mysql
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Oracle
Mysql
Before 3.23.50
Mysql
From 4.0.0 to 4.0.2
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (12)

Source: cve@mitre.org
Broken LinkExploitPatchVendor Advisory
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Broken LinkVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.