[VIM] affected versions for old MySQL ALTER TABLE (CVE-2004-0835)
Steven M. Christey
coley at mitre.org
Thu Feb 15 17:43:29 EST 2007
It was brought to my attention that CVE-2004-0835 lists a variety of
affected versions, but many other vdb's only list one or two. The
narrower version range was probably inherited from some Linux distro
that only supported one or two release trees. Debian released an
advisory on Oct 11, 2004 and Red Hat released one on the 20th, and
both of these only covered 3.23; later advisories added more versions.
It took a bit of digging, but I found some other proof that it affects
more than 3.23:
http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html
http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html
Just search for "CVE-2004-0835"
It was *not* listed in the 5.0.1 changelog, however, and I'm not
exactly sure where we got that from for the CVE description.
- Steve
More information about the VIM
mailing list