Lucene search

[email protected]NVD:CVE-2006-7232

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-7232

2006-12-3105:00:00

CWE-89

[email protected]

web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.7%

JSON

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Affected configurations

NVD

Node

mysqlmysqlRange5.0–5.0.32

mysqlmysqlRange5.1–5.1.14

Node

canonicalubuntu_linuxMatch6.06lts

canonicalubuntu_linuxMatch6.10

canonicalubuntu_linuxMatch7.04

canonicalubuntu_linuxMatch7.10

References

bugs.mysql.com/bug.php?id=22413

dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html

dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

secunia.com/advisories/29443

secunia.com/advisories/30351

secunia.com/advisories/31687

www.redhat.com/support/errata/RHSA-2008-0364.html

www.securityfocus.com/bid/28351

www.ubuntu.com/usn/usn-588-1

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11720

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for NVD:CVE-2006-7232

ubuntucve1 veracode1 cvelist1 cve1 nessus9 openvas12 ubuntu2 redhat1 suse1 oraclelinux1