Definition


New Search

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS BIG5 and GBK which are not properly handled when the mysql_real_escape function is used to escape the input.

oval:org.mitre.oval:def:10312

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS BIG5 and GBK which are not properly handled when the mysql_real_escape function is used to escape the input.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-2753
Product(s):