CVE-2009-2446

HIGH

Details

Source: MITRE

Published: 2009-07-13

Updated: 2019-12-17

Type: CWE-134

Risk Information

CVSS v2.0

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:4.1.23:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*

cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.0.27:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.17:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.19:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.20:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.21:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:4.1.22:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*

Tenable Plugins

View all (22 total)

IDNameProductFamilySeverity
67998Oracle Linux 4 : mysql (ELSA-2010-0110)NessusOracle Linux Local Security Checks
high
63890RHEL 5 : mysql (RHSA-2009:1289)NessusRed Hat Local Security Checks
high
60735Scientific Linux Security Update : mysql on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
60655Scientific Linux Security Update : mysql on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
58325Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1397-1)NessusUbuntu Local Security Checks
high
17804MySQL < 5.0.83 Denial of ServiceNessusDatabases
high
57446GLSA-201201-02 : MySQL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
5489Mac OS X < 10.6.3 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
45372Mac OS X 10.6.x < 10.6.3 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
44742Debian DSA-1877-1 : mysql-dfsg-5.0 - denial of service/execution of arbitrary codeNessusDebian Local Security Checks
high
44647CentOS 4 : mysql (CESA-2010:0110)NessusCentOS Local Security Checks
high
44635RHEL 4 : mysql (RHSA-2010:0110)NessusRed Hat Local Security Checks
high
44585Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-897-1)NessusUbuntu Local Security Checks
high
43782CentOS 5 : mysql (CESA-2009:1289)NessusCentOS Local Security Checks
high
43045Mandriva Linux Security Advisory : mysql (MDVSA-2009:326)NessusMandriva Local Security Checks
high
42015openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-6360)NessusSuSE Local Security Checks
high
41560SuSE 10 Security Update : MySQL (ZYPP Patch Number 6446)NessusSuSE Local Security Checks
high
41421SuSE 11 Security Update : MySQL (SAT Patch Number 1114)NessusSuSE Local Security Checks
high
41313SuSE9 Security Update : MySQL (YOU Patch Number 12456)NessusSuSE Local Security Checks
high
40790openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-1116)NessusSuSE Local Security Checks
high
40784openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-1116)NessusSuSE Local Security Checks
high
40397Mandriva Linux Security Advisory : mysql (MDVSA-2009:159)NessusMandriva Local Security Checks
high