Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-2753
HistoryJun 01, 2006 - 5:02 p.m.

CVE-2006-2753

2006-06-0117:02:00
[email protected]
web.nvd.nist.gov
5

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.004

Percentile

74.7%

JSON

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.

Affected configurations

Nvd
Node
mysqlmysqlMatch4.1.0
OR
mysqlmysqlMatch4.1.2
OR
mysqlmysqlMatch4.1.3
OR
mysqlmysqlMatch4.1.8
OR
mysqlmysqlMatch4.1.10
OR
mysqlmysqlMatch4.1.12
OR
mysqlmysqlMatch4.1.13
OR
mysqlmysqlMatch4.1.14
OR
mysqlmysqlMatch4.1.15
OR
mysqlmysqlMatch5.0.0
OR
mysqlmysqlMatch5.0.1
OR
mysqlmysqlMatch5.0.2
OR
mysqlmysqlMatch5.0.3
OR
mysqlmysqlMatch5.0.4
OR
mysqlmysqlMatch5.0.5
OR
mysqlmysqlMatch5.0.10
OR
mysqlmysqlMatch5.0.15
OR
mysqlmysqlMatch5.0.16
OR
mysqlmysqlMatch5.0.17
OR
mysqlmysqlMatch5.0.20
OR
oraclemysqlMatch4.1.1
OR
oraclemysqlMatch4.1.4
OR
oraclemysqlMatch4.1.5
OR
oraclemysqlMatch4.1.6
OR
oraclemysqlMatch4.1.7
OR
oraclemysqlMatch4.1.9
OR
oraclemysqlMatch4.1.11
OR
oraclemysqlMatch4.1.16
OR
oraclemysqlMatch4.1.17
OR
oraclemysqlMatch4.1.18
OR
oraclemysqlMatch4.1.19
OR
oraclemysqlMatch5.0.6
OR
oraclemysqlMatch5.0.7
OR
oraclemysqlMatch5.0.8
OR
oraclemysqlMatch5.0.9
OR
oraclemysqlMatch5.0.11
OR
oraclemysqlMatch5.0.12
OR
oraclemysqlMatch5.0.13
OR
oraclemysqlMatch5.0.14
OR
oraclemysqlMatch5.0.18
OR
oraclemysqlMatch5.0.19
OR
oraclemysqlMatch5.0.21
VendorProductVersionCPE
mysqlmysql4.1.0cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*
mysqlmysql4.1.2cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*
mysqlmysql4.1.3cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*
mysqlmysql4.1.8cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*
mysqlmysql4.1.10cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*
mysqlmysql4.1.12cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*
mysqlmysql4.1.13cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*
mysqlmysql4.1.14cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*
mysqlmysql4.1.15cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*
mysqlmysql5.0.0cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 421

References

Related

gentoo 1
nessus 11
debian 1
openvas 8
cvelist 1
ubuntucve 1
prion 1
securityvulns 1
cve 1
ubuntu 2
slackware 1
redhat 1
centos 1
gentoo
gentoo
MySQL: SQL Injection
2006-06-11 00:00:00
nessus
nessus
MySQL < 4.1.20 / 5.0.22 / 5.1.11 SQL Injection
2012-01-16 00:00:00
Ubuntu 5.10 / 6.06 LTS : mysql-dfsg-4.1, mysql-dfsg-5.0 vulnerability (USN-303-1)
2007-11-10 00:00:00
GLSA-200606-13 : MySQL: SQL Injection
2006-06-16 00:00:00
debian
debian
[SECURITY] [DSA 1092-1] New MySQL 4.1 packages fix SQL injection
2006-06-08 13:49:58
openvas
openvas
Gentoo Security Advisory GLSA 200606-13 (MySQL)
2008-09-24 00:00:00
Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200606-13 (MySQL)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2006-2753
2006-06-01 17:00:00
ubuntucve
ubuntucve
CVE-2006-2753
2006-06-01 00:00:00
prion
prion
Sql injection
2006-06-01 17:02:00
securityvulns
securityvulns
[ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability.
2006-06-08 00:00:00
cve
cve
CVE-2006-2753
2006-06-01 17:02:00
ubuntu
ubuntu
MySQL vulnerability
2006-06-17 00:00:00
PostgreSQL client vulnerabilities
2006-06-09 00:00:00
slackware
slackware
[slackware-security] mysql
2006-06-05 08:12:48
redhat
redhat
(RHSA-2006:0544) mysql security update
2006-06-09 00:00:00
centos
centos
mysql security update
2006-06-09 17:37:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.004

Percentile

74.7%

JSON
Related for NVD:CVE-2006-2753
gentoo1nessus11debian1openvas8cvelist1ubuntucve1prion1securityvulns1cve1ubuntu2slackware1redhat1centos1