CVE-2005-2572 in MySQLinfo

Summary

MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

08/16/2005

Disclosure

08/16/2005

Moderation

VulDB entry created

Entries

VDB-26015

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

9.9

EPSS

0.01363

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2572
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2572
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2572/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!