CVE

CVE-2003-0073

Date: (C)2003-02-19   (M)2023-12-22

Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

http://marc.info/?l=bugtraq&m=104385719107879&w=2

BID-6718

CLA-2003:743

DSA-303

ESA-20030220-004

MDKSA-2003:013

RHSA-2003:093

RHSA-2003:094

RHSA-2003:166

http://www.mysql.com/doc/en/News-3.23.55.html

mysql-mysqlchangeuser-doublefree-dos(11199)