Description

The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.

Remediation

References

CVE-2009-5026

Related Vulnerabilities

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0738)

WordPress Plugin Cool Flickr Slideshow Cross-Site Scripting (1.0)

WordPress Plugin YITH WooCommerce Wishlist Security Bypass (2.2.13)

Python Uncontrolled Resource Consumption Vulnerability (CVE-2020-8492)

WordPress Plugin Geo Mashup Unspecified Vulnerability (1.10.3)

Severity

Medium

Classification

CVE-2009-5026 CWE-138

Tags

Missing Update Known Vulnerabilities