Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code or cause a denial of service via a special Hello packet . Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths ...