← Back

CVE-2006-3469

nvd nist
Published: Jul 21, 2006Modified: Apr 16, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:N/I:N/A:P
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.

Affected (25)

Products: Mysql: Mysql · Oracle: Mysql
Mysql
1 product
Mysql
Oracle
1 product
Mysql
Configuration A
25 vulnerable
Vulnerable SoftwareAffected Versions
Mysql
Mysql
Version 4.1.12
Mysql
Version 4.1.13
Mysql
Version 4.1.14
Mysql
Version 4.1.15
Mysql
Version 4.1.8
Mysql
Version 5.0.10
Mysql
Version 5.0.15
Mysql
Version 5.0.16
Mysql
Version 5.0.17
Mysql
Version 5.0.5.0.21
Oracle
Mysql
Version 4.1.11
Mysql
Version 4.1.16
Mysql
Version 4.1.18
Mysql
Version 4.1.19
Mysql
Version 4.1.20
Mysql
Version 4.1.6
Mysql
Version 4.1.7
Mysql
Version 4.1.9
Mysql
Version 5.0.11
Mysql
Version 5.0.12
Mysql
Version 5.0.13
Mysql
Version 5.0.18
Mysql
Version 5.0.19
Mysql
Version 5.0.6
Mysql
Version 5.0.9

Related CWEs

CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (34)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.