GCVE - cpe:2.3:a:mysql:maxdb:7.5.00.18:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mysql:maxdb:7.5.00.18:*:*:*:*:*:*:*

part: a version: 7.5.00.18 update: *

Vendor	Mysql (`ed5ca9e5-b35c-577b-a574-83118837ee82`)
Product	Maxdb (`1c99bc50-eb37-50e9-832d-35afc1ed9ba1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2005-0684`	vulnerable	2026-06-08 04:48:13.308862	Details available Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. Published: 2005-04-26T04:00:00.000Z Updated: 2024-08-07T21:21:06.487Z Open on db.gcve.eu Reference links http://www.idefense.com/application/poi/display?id=234&type=vulnerabilities http://www.securityfocus.com/bid/13368 http://dev.mysql.com/doc/maxdb/changes/changes_7.5.00.26.html#WebDAV http://www.idefense.com/application/poi/display?id=235&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0082`	vulnerable	2026-06-08 04:48:11.276552	Details available The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. Published: 2005-01-20T05:00:00.000Z Updated: 2024-09-16T18:29:51.936Z Open on db.gcve.eu Reference links http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0081`	vulnerable	2026-06-08 04:48:11.275564	Details available MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. Published: 2005-01-20T05:00:00.000Z Updated: 2024-09-16T16:52:39.115Z Open on db.gcve.eu Reference links http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1169`	vulnerable	2026-06-08 04:47:53.192095	Details available MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. Published: 2004-12-10T05:00:00.000Z Updated: 2024-08-08T00:39:01.047Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=110244542000340&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18387	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1168`	vulnerable	2026-06-08 04:47:53.191616	Details available Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header. Published: 2004-12-10T05:00:00.000Z Updated: 2024-08-08T00:39:00.868Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/18386 http://marc.info/?l=bugtraq&m=110244542000340&w=2	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.