CVE-2009-2942 Information

Description

The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function which might allow remote attackers to leverage escaping issues involving multibyte character encodings.

Reference

http://secunia.com/advisories/37047 http://www.debian.org/security/2009/dsa-1910 http://www.mandriva.com/security/advisories?name=MDVSA-2009:279 http://www.osvdb.org/59030