Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-3835
HistoryJan 14, 2011 - 7:02 p.m.

CVE-2010-3835

2011-01-1419:02:42
CWE-189
mitre
web.nvd.nist.gov
56
cve-2010-3835
mysql
5.1
5.5
denial of service
nvd

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

5.2

Confidence

High

EPSS

0.012

Percentile

85.4%

JSON

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.

Affected configurations

Nvd
Node
mysqlmysqlMatch5.1.5
OR
mysqlmysqlMatch5.1.23
OR
mysqlmysqlMatch5.1.31
OR
mysqlmysqlMatch5.1.32
OR
mysqlmysqlMatch5.1.34
OR
mysqlmysqlMatch5.1.37
OR
oraclemysqlMatch5.1
OR
oraclemysqlMatch5.1.1
OR
oraclemysqlMatch5.1.2
OR
oraclemysqlMatch5.1.3
OR
oraclemysqlMatch5.1.4
OR
oraclemysqlMatch5.1.6
OR
oraclemysqlMatch5.1.7
OR
oraclemysqlMatch5.1.8
OR
oraclemysqlMatch5.1.9
OR
oraclemysqlMatch5.1.10
OR
oraclemysqlMatch5.1.11
OR
oraclemysqlMatch5.1.12
OR
oraclemysqlMatch5.1.13
OR
oraclemysqlMatch5.1.14
OR
oraclemysqlMatch5.1.15
OR
oraclemysqlMatch5.1.16
OR
oraclemysqlMatch5.1.17
OR
oraclemysqlMatch5.1.18
OR
oraclemysqlMatch5.1.19
OR
oraclemysqlMatch5.1.20
OR
oraclemysqlMatch5.1.21
OR
oraclemysqlMatch5.1.22
OR
oraclemysqlMatch5.1.23a
OR
oraclemysqlMatch5.1.24
OR
oraclemysqlMatch5.1.25
OR
oraclemysqlMatch5.1.26
OR
oraclemysqlMatch5.1.27
OR
oraclemysqlMatch5.1.28
OR
oraclemysqlMatch5.1.29
OR
oraclemysqlMatch5.1.30
OR
oraclemysqlMatch5.1.31sp1
OR
oraclemysqlMatch5.1.33
OR
oraclemysqlMatch5.1.34sp1
OR
oraclemysqlMatch5.1.35
OR
oraclemysqlMatch5.1.36
OR
oraclemysqlMatch5.1.37sp1
OR
oraclemysqlMatch5.1.38
OR
oraclemysqlMatch5.1.39
OR
oraclemysqlMatch5.1.40
OR
oraclemysqlMatch5.1.40sp1
OR
oraclemysqlMatch5.1.41
OR
oraclemysqlMatch5.1.42
OR
oraclemysqlMatch5.1.43
OR
oraclemysqlMatch5.1.43sp1
OR
oraclemysqlMatch5.1.44
OR
oraclemysqlMatch5.1.45
OR
oraclemysqlMatch5.1.46
OR
oraclemysqlMatch5.1.46sp1
OR
oraclemysqlMatch5.1.47
OR
oraclemysqlMatch5.1.48
OR
oraclemysqlMatch5.1.49
OR
oraclemysqlMatch5.1.49sp1
OR
oraclemysqlMatch5.1.50
Node
oraclemysqlMatch5.5.0
OR
oraclemysqlMatch5.5.1
OR
oraclemysqlMatch5.5.2
OR
oraclemysqlMatch5.5.3
OR
oraclemysqlMatch5.5.4
OR
oraclemysqlMatch5.5.5
VendorProductVersionCPE
mysqlmysql5.1.5cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
mysqlmysql5.1.23cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*
mysqlmysql5.1.31cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*
mysqlmysql5.1.32cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*
mysqlmysql5.1.34cpe:2.3:a:mysql:mysql:5.1.34:*:*:*:*:*:*:*
mysqlmysql5.1.37cpe:2.3:a:mysql:mysql:5.1.37:*:*:*:*:*:*:*
oraclemysql5.1cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
oraclemysql5.1.1cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
oraclemysql5.1.2cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
oraclemysql5.1.3cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 651

References

Related

veracode 1
ubuntucve 1
prion 1
nvd 1
cvelist 1
openvas 21
nessus 25
debian 2
centos 1
redhat 2
oraclelinux 2
osv 1
ubuntu 2
securityvulns 4
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:43
ubuntucve
ubuntucve
CVE-2010-3835
2010-11-05 00:00:00
prion
prion
Code injection
2011-01-14 19:02:00
nvd
nvd
CVE-2010-3835
2011-01-14 19:02:42
cvelist
cvelist
CVE-2010-3835
2011-01-14 18:00:00
openvas
openvas
MySQL Denial of Service (infinite loop) Vulnerabilities
2011-01-21 00:00:00
Oracle MySQL < 5.1.51 Multiple DoS Vulnerabilities
2010-11-10 00:00:00
Mandriva Update for mysql MDVSA-2010:223 (mysql)
2010-11-16 00:00:00
nessus
nessus
MySQL < 5.5.6 Multiple Denial of Service
2012-01-18 00:00:00
openSUSE Security Update : libmariadbclient16 (openSUSE-SU-2011:0743-1)
2014-06-13 00:00:00
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2011:1250-1)
2014-06-13 00:00:00
debian
debian
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
centos
centos
mysql security update
2010-11-05 14:26:35
redhat
redhat
(RHSA-2010:0825) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2011:0164) Moderate: mysql security update
2011-01-18 00:00:00
oraclelinux
oraclelinux
mysql security update
2010-11-03 00:00:00
mysql security update
2011-02-10 00:00:00
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2011-01-14 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-11-11 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
securityvulns
securityvulns
MySQL multiple security vulnerabilities
2010-11-15 00:00:00
[USN-1017-1] MySQL vulnerabilities
2010-11-15 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

5.2

Confidence

High

EPSS

0.012

Percentile

85.4%

JSON
Related for CVE-2010-3835
veracode1ubuntucve1prion1nvd1cvelist1openvas21nessus25debian2centos1redhat2oraclelinux2osv1ubuntu2securityvulns4gentoo1