Lucene search

[email protected]CVE-2010-3837

HistoryJan 14, 2011 - 7:02 p.m.

CVE-2010-3837

2011-01-1419:02:43

CWE-399

[email protected]

web.nvd.nist.gov

151

mysql

cve-2010-3837

denial of service

nvd

security vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

5.2 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

Affected configurations

NVD

Node

mysqlmysqlMatch5.1.5

mysqlmysqlMatch5.1.23

mysqlmysqlMatch5.1.31

mysqlmysqlMatch5.1.32

mysqlmysqlMatch5.1.34

mysqlmysqlMatch5.1.37

oraclemysqlMatch5.1

oraclemysqlMatch5.1.1

oraclemysqlMatch5.1.2

oraclemysqlMatch5.1.3

oraclemysqlMatch5.1.4

oraclemysqlMatch5.1.6

oraclemysqlMatch5.1.7

oraclemysqlMatch5.1.8

oraclemysqlMatch5.1.9

oraclemysqlMatch5.1.10

oraclemysqlMatch5.1.11

oraclemysqlMatch5.1.12

oraclemysqlMatch5.1.13

oraclemysqlMatch5.1.14

oraclemysqlMatch5.1.15

oraclemysqlMatch5.1.16

oraclemysqlMatch5.1.17

oraclemysqlMatch5.1.18

oraclemysqlMatch5.1.19

oraclemysqlMatch5.1.20

oraclemysqlMatch5.1.21

oraclemysqlMatch5.1.22

oraclemysqlMatch5.1.23a

oraclemysqlMatch5.1.24

oraclemysqlMatch5.1.25

oraclemysqlMatch5.1.26

oraclemysqlMatch5.1.27

oraclemysqlMatch5.1.28

oraclemysqlMatch5.1.29

oraclemysqlMatch5.1.30

oraclemysqlMatch5.1.31sp1

oraclemysqlMatch5.1.33

oraclemysqlMatch5.1.34sp1

oraclemysqlMatch5.1.35

oraclemysqlMatch5.1.36

oraclemysqlMatch5.1.37sp1

oraclemysqlMatch5.1.38

oraclemysqlMatch5.1.39

oraclemysqlMatch5.1.40

oraclemysqlMatch5.1.40sp1

oraclemysqlMatch5.1.41

oraclemysqlMatch5.1.42

oraclemysqlMatch5.1.43

oraclemysqlMatch5.1.43sp1

oraclemysqlMatch5.1.44

oraclemysqlMatch5.1.45

oraclemysqlMatch5.1.46

oraclemysqlMatch5.1.46sp1

oraclemysqlMatch5.1.47

oraclemysqlMatch5.1.48

oraclemysqlMatch5.1.49

oraclemysqlMatch5.1.49sp1

oraclemysqlMatch5.1.50

Node

oraclemysqlMatch5.5.0

oraclemysqlMatch5.5.1

oraclemysqlMatch5.5.2

oraclemysqlMatch5.5.3

oraclemysqlMatch5.5.4

oraclemysqlMatch5.5.5

Node

mysqlmysqlMatch5.0.0

mysqlmysqlMatch5.0.1

mysqlmysqlMatch5.0.2

mysqlmysqlMatch5.0.3

mysqlmysqlMatch5.0.4

mysqlmysqlMatch5.0.5

mysqlmysqlMatch5.0.5.0.21

mysqlmysqlMatch5.0.10

mysqlmysqlMatch5.0.15

mysqlmysqlMatch5.0.16

mysqlmysqlMatch5.0.17

mysqlmysqlMatch5.0.20

mysqlmysqlMatch5.0.22.1.0.1

mysqlmysqlMatch5.0.24

mysqlmysqlMatch5.0.30

mysqlmysqlMatch5.0.36

mysqlmysqlMatch5.0.44

mysqlmysqlMatch5.0.45b

mysqlmysqlMatch5.0.54

mysqlmysqlMatch5.0.56

mysqlmysqlMatch5.0.60

mysqlmysqlMatch5.0.66

mysqlmysqlMatch5.0.82

mysqlmysqlMatch5.0.84

mysqlmysqlMatch5.0.87

oraclemysqlMatch5.0.0alpha

oraclemysqlMatch5.0.3beta

oraclemysqlMatch5.0.6

oraclemysqlMatch5.0.7

oraclemysqlMatch5.0.8

oraclemysqlMatch5.0.9

oraclemysqlMatch5.0.11

oraclemysqlMatch5.0.12

oraclemysqlMatch5.0.13

oraclemysqlMatch5.0.14

oraclemysqlMatch5.0.18

oraclemysqlMatch5.0.19

oraclemysqlMatch5.0.21

oraclemysqlMatch5.0.22

oraclemysqlMatch5.0.23

oraclemysqlMatch5.0.25

oraclemysqlMatch5.0.26

oraclemysqlMatch5.0.27

oraclemysqlMatch5.0.30sp1

oraclemysqlMatch5.0.32

oraclemysqlMatch5.0.33

oraclemysqlMatch5.0.37

oraclemysqlMatch5.0.38

oraclemysqlMatch5.0.41

oraclemysqlMatch5.0.42

oraclemysqlMatch5.0.45

oraclemysqlMatch5.0.50

oraclemysqlMatch5.0.51

oraclemysqlMatch5.0.52

oraclemysqlMatch5.0.67

oraclemysqlMatch5.0.75

oraclemysqlMatch5.0.77

oraclemysqlMatch5.0.81

oraclemysqlMatch5.0.83

oraclemysqlMatch5.0.85

oraclemysqlMatch5.0.86

oraclemysqlMatch5.0.88

oraclemysqlMatch5.0.89

oraclemysqlMatch5.0.90

oraclemysqlMatch5.0.91

CPENameOperatorVersion
mysql:mysqlmysqleq5.1.5
mysql:mysqlmysqleq5.1.23
mysql:mysqlmysqleq5.1.31
mysql:mysqlmysqleq5.1.32
mysql:mysqlmysqleq5.1.34
mysql:mysqlmysqleq5.1.37
oracle:mysqloracle mysqleq5.1
oracle:mysqloracle mysqleq5.1.1
oracle:mysqloracle mysqleq5.1.2
oracle:mysqloracle mysqleq5.1.3

CPE	Name	Operator	Version
mysql:mysql	mysql	eq	5.1.5
mysql:mysql	mysql	eq	5.1.23
mysql:mysql	mysql	eq	5.1.31
mysql:mysql	mysql	eq	5.1.32
mysql:mysql	mysql	eq	5.1.34
mysql:mysql	mysql	eq	5.1.37
oracle:mysql	oracle mysql	eq	5.1
oracle:mysql	oracle mysql	eq	5.1.1
oracle:mysql	oracle mysql	eq	5.1.2
oracle:mysql	oracle mysql	eq	5.1.3