Oracle · Libmysqlclient · CVE-2004-2149
**Name of the Vulnerable Software and Affected Versions**
MySQL versions 4.1.3 beta through 4.1.4
**Description**
A buffer overflow in the prepared statements API in libmysqlclient allows remote attackers to cause a denial of service by sending a large number of placeholders.
**Recommendations**
For MySQL versions 4.1.3 beta through 4.1.4, consider restricting the use of the prepared statements API in libmysqlclient until a patch is available. As a temporary workaround, limit the number of placeholders to prevent the buffer overflow.
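One way to apply the placeholder limit in application code before a statement reaches the prepared statements API. This is an added example, not code from the advisory or from MySQL. The function names and the `MAX_PLACEHOLDERS` value of 64 are assumptions, since the advisory gives no safe threshold.

```c
#include <stddef.h>

/* Assumed application policy: the advisory states no safe threshold. */
#define MAX_PLACEHOLDERS 64

/* Count '?' parameter markers, skipping quoted literals, backtick
 * identifiers and comments, where '?' is ordinary text. Version comments
 * are counted as normal SQL so the guard fails closed. */
size_t count_placeholders(const char *sql)
{
    size_t n = 0;
    const char *p = sql;

    while (*p) {
        if (*p == '\'' || *p == '"' || *p == '`') {
            char q = *p++;                       /* opening quote character */
            while (*p) {
                if (*p == '\\' && q != '`' && p[1]) { p += 2; continue; }
                if (*p == q && p[1] == q)           { p += 2; continue; }
                if (*p++ == q) break;            /* closing quote */
            }
        } else if (*p == '#' || (p[0] == '-' && p[1] == '-' &&
                   (p[2] == ' ' || p[2] == '\t' || p[2] == '\n' || p[2] == '\0'))) {
            while (*p && *p != '\n') p++;        /* comment runs to end of line */
        } else if (p[0] == '/' && p[1] == '*' && p[2] != '!') {
            p += 2;
            while (*p && !(p[0] == '*' && p[1] == '/')) p++;
            if (*p) p += 2;                      /* step over the closing marker */
        } else {
            if (*p == '?') n++;
            p++;
        }
    }
    return n;
}

/* Returns 1 if the statement may be passed on to mysql_stmt_prepare(),
 * 0 if it must be rejected. */
int placeholders_within_limit(const char *sql)
{
    return sql != NULL && count_placeholders(sql) <= MAX_PLACEHOLDERS;
}
```

Call `placeholders_within_limit()` on every statement string, including ones assembled from user-controlled fragments, and refuse to prepare any statement it rejects.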