Type Error Propagation Issue in MySQL Products by Oracle
CVE-2010-3833

Currently unrated

Key Information:

Vendor

Mysql

Status
Mysql
Vendor
CVE Published:
14 January 2011

What is CVE-2010-3833?

MySQL versions prior to 5.0.92, 5.1.51, and 5.5.6 contain a vulnerability that fails to appropriately manage type errors when processing arguments for extreme-value functions like LEAST and GREATEST. This can potentially be exploited by remote attackers, leading to a denial of service situation characterized by server crashes during specific operations, such as 'CREATE TABLE ... SELECT'.

References

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html
x_refsource_CONFIRM
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1397-1
vendor-advisoryx_refsource_UBUNTU

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.