MySQL is a popular database server, with more than four million installations worldwide, supporting high-profile Web sites and business applications.
It can be run on a variety of operating systems, including Microsoft's Windows as well as Linux and Unix.
The advisory by e-matters identifies four separate vulnerabilities in the MySQL code, two affecting the MySQL server component and two affecting the MySQL client.
All four vulnerabilities could be used to execute denial of service attacks against the affected MySQL component, exploiting the flaws to crash the server or client.
The vulnerabilities range from buffer overflows that can cause MySQL component crashes to others that could allow malicious code to be read and executed on an affected machine.
One of the server vulnerabilities could also allow an attacker to break into the MySQL root account and compromise the databases running on that server.
Used in combination with each other, the vulnerabilities could allow an attacker to break into a system running the MySQL database server software or elevate his or her access privileges on that system, e-matters said.
The vulnerabilities have been fixed in the latest version of MySQL Database Server, and e-matters is urging users to update their installations.
A number of software vendors have also issued alerts and software updates covering the MySQL vulnerabilities in their own products.
Guardian Digital issued an advisory encouraging users of its EnGarde Secure Linux product to update their systems to use the patched version of MySQL, as did the makers of Gentoo Linux, a free Linux distribution.