Vulnerabilities

CVE-2006-2753

by Fred · 01/06/2006

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.

Date published : 2006-06-01

http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

http://www.securityfocus.com/bid/18219

Similar

Tags: Cybersecurity Alert