CVE-2004-2149

Name of the Vulnerable Software and Affected Versions MySQL versions 4.1.3 beta through 4.1.4

Description The issue is related to a buffer overflow in the prepared statements API in libmysqlclient, which can be exploited by remote attackers to cause a denial of service. This is achieved by sending a large number of placeholders.

Recommendations For MySQL versions 4.1.3 beta through 4.1.4, consider restricting the use of the prepared statements API in libmysqlclient until a patch is available. As a temporary workaround, limit the number of placeholders to prevent the buffer overflow.