Total vulnerabilities in the database
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
| Software | From | Fixed in |
|---|---|---|
| mysql / maxdb | 7.5.00 | 7.5.00.x |
| mysql / maxdb | 7.5.00.18 | 7.5.00.18.x |
| mysql / maxdb | 7.5.00.15 | 7.5.00.15.x |
| mysql / maxdb | 7.5.00.12 | 7.5.00.12.x |
| mysql / maxdb | 7.5.00.16 | 7.5.00.16.x |
| mysql / maxdb | 7.5.00.14 | 7.5.00.14.x |
| mysql / maxdb | 7.5.00.19 | 7.5.00.19.x |
| mysql / maxdb | 7.5.00.11 | 7.5.00.11.x |
| mysql / maxdb | 7.5.00.08 | 7.5.00.08.x |