Denial of Service Vulnerability in MySQL Products by Oracle
CVE-2010-3838

Currently unrated

Key Information:

Vendor: Mysql
Status: Mysql
Vendor: CVE Published:; 14 January 2011

What is CVE-2010-3838?

MySQL versions prior to 5.0.92, 5.1.51, and 5.5.6 are susceptible to a denial of service condition. Remote authenticated users can exploit this vulnerability by executing a query with the GREATEST or LEAST function that includes a mixture of numeric and LONGBLOB arguments. The improper handling of such queries may lead to server crashes, causing interruption of services and potentially impacting application availability.

References

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html

x_refsource_CONFIRM

http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html

x_refsource_CONFIRM

http://www.ubuntu.com/usn/USN-1397-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Jan 14, 2011
Vulnerability Reserved
Oct 7, 2010

Mysql

What is CVE-2010-3838?

References

Timeline