MyODBC Japanese Conversion Edition denial of service vulnerability


MyODBC is an ODBC driver that allows ODBC-compliant applications to communicate with a MySQL database. MyODBC Japanese Conversion Edition is a Windows version of the driver with additional Japanese encoding functionality released from SoftAgency.

MyODBC Japanese Conversion Edition contains a vulnerability which allows an attacker to cause a denial of service condition on a vulnerable server by sending a certain string as a response to a MySQL database.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete
Affected Products

SoftAgency Co., Ltd.
  • MyODBC Japanese Transformation Function version 3.51.06, 2.50.29, 2.50.25


A remote attacker could cause a denial of service condition by sending a certain string in a response to a MySQL database.

Development and maintenance of MyODBC Japanese Conversion Edition has finished. As MySQL 4.1 and higher automatically converts character encodings, we recommend that users use MySQL 4.1 or higher.
Vendor Information

SoftAgency Co., Ltd.
CWE (What is CWE?)

  1. No Mapping(CWE-DesignError) [NVD Evaluation]
CVE (What is CVE?)

  1. CVE-2006-6948

  1. JVN : JVN#30994815
  2. National Vulnerability Database (NVD) : CVE-2006-6948
Revision History

  • [2008/05/21]
      Web page published