CVE-2014-0001

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions prior to 5.5.35 MariaDB versions prior to 5.5.35

Description The issue is related to a buffer overflow in the client/mysql.cc file, which can be exploited by remote database servers. This can cause a denial of service (crash) and possibly allow the execution of arbitrary code via a long server version string. The vulnerability can be exploited using a long server version string, potentially leading to a denial of service or code execution on the remote database server.

Recommendations For Oracle MySQL versions prior to 5.5.35, update to version 5.5.35 or later to resolve the issue. For MariaDB versions prior to 5.5.35, update to version 5.5.35 or later to resolve the issue. As a temporary workaround, consider restricting access to the client/mysql.cc file or limiting the length of server version strings to minimize the risk of exploitation.