The first MySQL vulnerability, a stack-based buffer overflow, would allow an authenticated database user a chance to cause the MySQL daemon to crash, and then execute code with the same privileges as the user running MySQL. A heap-based overflow vulnerability, separate from the previous flaw, could be used to do the same thing – again the damage could be caused by an authenticated database user.

via Security Researcher Discloses New Batch of MySQL Vulnerabilities | SecurityWeek.Com.