Jean-David Maillefer

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 4.1 before 4.1.21 MySQL Server versions 5.0 before 5.0.21 **Description** A format string issue in the time.cc component allows remote authenticated users to cause a denial of service by providing a format string instead of a date as the first parameter to the `date format` function. This input is later used in a formatted print call to display an error message, leading to a potential crash. **Recommendations** For MySQL Server versions 4.1 before 4.1.21, update to version 4.1.21 or later. For MySQL Server versions 5.0 before 5.0.21, update to version 5.0.21 or later.