Описание
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-3838
- https://bugzilla.redhat.com/show_bug.cgi?id=640858
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64840
- http://bugs.mysql.com/bug.php?id=54461
- http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html
- http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html
- http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
- http://secunia.com/advisories/42875
- http://secunia.com/advisories/42936
- http://support.apple.com/kb/HT4723
- http://www.debian.org/security/2011/dsa-2143
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:222
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:223
- http://www.redhat.com/support/errata/RHSA-2010-0825.html
- http://www.redhat.com/support/errata/RHSA-2011-0164.html
- http://www.securityfocus.com/bid/43676
- http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt
- http://www.ubuntu.com/usn/USN-1017-1
- http://www.ubuntu.com/usn/USN-1397-1
- http://www.vupen.com/english/advisories/2011/0105
- http://www.vupen.com/english/advisories/2011/0170
- http://www.vupen.com/english/advisories/2011/0345
EPSS
CVE ID
Связанные уязвимости
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allow ...
EPSS