CVE-2013-1861
5.1 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.943 High
EPSS
Percentile
99.2%
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| mariadb:mariadb | mariadb | lt | 5.5.32 |
| mariadb:mariadb | mariadb | lt | 10.0.4 |
References
lists.askmonty.org/pipermail/commits/2013-March/004371.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html
lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html
lists.opensuse.org/opensuse-updates/2013-08/msg00024.html
lists.opensuse.org/opensuse-updates/2013-09/msg00008.html
seclists.org/oss-sec/2013/q1/671
secunia.com/advisories/52639
secunia.com/advisories/54300
security.gentoo.org/glsa/glsa-201409-04.xml
www.debian.org/security/2013/dsa-2818
www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
www.osvdb.org/91415
www.securityfocus.com/bid/58511
www.ubuntu.com/usn/USN-1909-1
bugzilla.redhat.com/show_bug.cgi?id=919247
exchange.xforce.ibmcloud.com/vulnerabilities/82895
mariadb.atlassian.net/browse/MDEV-4252
Related
5.1 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.943 High
EPSS
Percentile
99.2%