Oval Definition:	oval:org.mitre.oval:def:10312
Revision Date: 2013-04-29 Version: 11 Title: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. Description: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-2753 Platform(s): CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 4 Product(s): Definition Synopsis RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section mysql is earlier than 0:4.1.20-1.RHEL4.1 OR mysql-devel is earlier than 0:4.1.20-1.RHEL4.1 OR mysql-bench is earlier than 0:4.1.20-1.RHEL4.1 OR mysql-server is earlier than 0:4.1.20-1.RHEL4.1
BACK