PT-2009-5289 · Mysql Server · Mysql-Ocaml Bindings

Published

2009-10-22

Updated

2009-10-27

CVE-2009-2942

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: mysql-ocaml bindings version 1.0.4

Description: The issue is related to the improper support of the mysql real escape string function in the mysql-ocaml bindings, which could allow remote attackers to exploit escaping issues involving multibyte character encodings.

Recommendations: For mysql-ocaml bindings version 1.0.4, consider updating to a newer version that properly supports the mysql real escape string function to prevent potential exploitation of escaping issues.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2942

DSA-1910-1

Affected Products

Mysql-Ocaml Bindings

PT-2009-5289 · Mysql Server · Mysql-Ocaml Bindings

CVE-2009-2942

Related Identifiers

Affected Products

References · 8