← back
CVE-2006-2753

CVE-2006-2753

EPSS 3.2%
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369735http://docs.info.apple.com/article.html?artnum=305214http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlhttp://lists.mysql.com/announce/364http://secunia.com/advisories/20365http://secunia.com/advisories/20489http://secunia.com/advisories/20531http://secunia.com/advisories/20541http://secunia.com/advisories/20562http://secunia.com/advisories/20625http://secunia.com/advisories/20712http://secunia.com/advisories/24479