Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3837

Опубликовано: 14 янв. 2011
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.1.34:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.1.37:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.43:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.46:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.47:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.48:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.49:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.49:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.50:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.45b:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.84:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:5.0.87:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.67:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.85:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.86:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.88:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.89:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.90:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.0.91:*:*:*:*:*:*:*

EPSS

Процентиль: 76%
0.00972
Низкий

4 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

ubuntu логотип

CVE-2010-3837

ubuntu
больше 14 лет назад

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

redhat логотип

CVE-2010-3837

redhat
около 15 лет назад

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

debian логотип

CVE-2010-3837

debian
больше 14 лет назад

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allow ...

github логотип

GHSA-8rvw-f3jq-rcm7

github
около 3 лет назад

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

oracle-oval логотип

ELSA-2010-0825

oracle-oval
больше 14 лет назад

ELSA-2010-0825: mysql security update (MODERATE)

EPSS

Процентиль: 76%
0.00972
Низкий

4 Medium

CVSS2

Дефекты

CWE-399