Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-3682
HistoryJan 11, 2011 - 8:00 p.m.

CVE-2010-3682

2011-01-1120:00:01
[email protected]
web.nvd.nist.gov
8

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

5.6

Confidence

Low

EPSS

0.039

Percentile

92.2%

JSON

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted “SELECT … UNION … ORDER BY (SELECT … WHERE …)” statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.

Affected configurations

Nvd
Node
mysqlmysqlRange5.1.48
OR
mysqlmysqlMatch5.1.23
OR
mysqlmysqlMatch5.1.31
OR
mysqlmysqlMatch5.1.32
OR
mysqlmysqlMatch5.1.34
OR
mysqlmysqlMatch5.1.37
OR
oraclemysqlMatch5.1.1
OR
oraclemysqlMatch5.1.2
OR
oraclemysqlMatch5.1.3
OR
oraclemysqlMatch5.1.4
OR
oraclemysqlMatch5.1.10
OR
oraclemysqlMatch5.1.11
OR
oraclemysqlMatch5.1.12
OR
oraclemysqlMatch5.1.13
OR
oraclemysqlMatch5.1.14
OR
oraclemysqlMatch5.1.15
OR
oraclemysqlMatch5.1.16
OR
oraclemysqlMatch5.1.17
OR
oraclemysqlMatch5.1.18
OR
oraclemysqlMatch5.1.19
OR
oraclemysqlMatch5.1.20
OR
oraclemysqlMatch5.1.21
OR
oraclemysqlMatch5.1.22
OR
oraclemysqlMatch5.1.23a
OR
oraclemysqlMatch5.1.24
OR
oraclemysqlMatch5.1.25
OR
oraclemysqlMatch5.1.26
OR
oraclemysqlMatch5.1.27
OR
oraclemysqlMatch5.1.28
OR
oraclemysqlMatch5.1.29
OR
oraclemysqlMatch5.1.30
OR
oraclemysqlMatch5.1.31sp1
OR
oraclemysqlMatch5.1.33
OR
oraclemysqlMatch5.1.34sp1
OR
oraclemysqlMatch5.1.35
OR
oraclemysqlMatch5.1.36
OR
oraclemysqlMatch5.1.37sp1
OR
oraclemysqlMatch5.1.38
OR
oraclemysqlMatch5.1.39
OR
oraclemysqlMatch5.1.40
OR
oraclemysqlMatch5.1.40sp1
OR
oraclemysqlMatch5.1.41
OR
oraclemysqlMatch5.1.42
OR
oraclemysqlMatch5.1.43
OR
oraclemysqlMatch5.1.43sp1
OR
oraclemysqlMatch5.1.44
OR
oraclemysqlMatch5.1.45
OR
oraclemysqlMatch5.1.46
OR
oraclemysqlMatch5.1.46sp1
OR
oraclemysqlMatch5.1.47
Node
mysqlmysqlRange5.0.91
OR
mysqlmysqlMatch5.0.0
OR
mysqlmysqlMatch5.0.1
OR
mysqlmysqlMatch5.0.2
OR
mysqlmysqlMatch5.0.10
OR
mysqlmysqlMatch5.0.15
OR
mysqlmysqlMatch5.0.16
OR
mysqlmysqlMatch5.0.17
OR
mysqlmysqlMatch5.0.20
OR
mysqlmysqlMatch5.0.24
OR
mysqlmysqlMatch5.0.30
OR
mysqlmysqlMatch5.0.36
OR
mysqlmysqlMatch5.0.44
OR
mysqlmysqlMatch5.0.54
OR
mysqlmysqlMatch5.0.56
OR
mysqlmysqlMatch5.0.60
OR
mysqlmysqlMatch5.0.66
OR
mysqlmysqlMatch5.0.72
OR
mysqlmysqlMatch5.0.74
OR
mysqlmysqlMatch5.0.82
OR
mysqlmysqlMatch5.0.84
OR
mysqlmysqlMatch5.0.87
OR
oraclemysqlMatch5.0.28
OR
oraclemysqlMatch5.0.30sp1
OR
oraclemysqlMatch5.0.32
OR
oraclemysqlMatch5.0.34
OR
oraclemysqlMatch5.0.36sp1
OR
oraclemysqlMatch5.0.38
OR
oraclemysqlMatch5.0.40
OR
oraclemysqlMatch5.0.41
OR
oraclemysqlMatch5.0.42
OR
oraclemysqlMatch5.0.44sp1
OR
oraclemysqlMatch5.0.45
OR
oraclemysqlMatch5.0.46
OR
oraclemysqlMatch5.0.48
OR
oraclemysqlMatch5.0.50
OR
oraclemysqlMatch5.0.51a
OR
oraclemysqlMatch5.0.51b
OR
oraclemysqlMatch5.0.52
OR
oraclemysqlMatch5.0.56sp1
OR
oraclemysqlMatch5.0.58
OR
oraclemysqlMatch5.0.62
OR
oraclemysqlMatch5.0.64
OR
oraclemysqlMatch5.0.66a
OR
oraclemysqlMatch5.0.66sp1
OR
oraclemysqlMatch5.0.67
OR
oraclemysqlMatch5.0.68
OR
oraclemysqlMatch5.0.70
OR
oraclemysqlMatch5.0.72sp1
OR
oraclemysqlMatch5.0.74sp1
OR
oraclemysqlMatch5.0.75
OR
oraclemysqlMatch5.0.76
OR
oraclemysqlMatch5.0.77
OR
oraclemysqlMatch5.0.78
OR
oraclemysqlMatch5.0.79
OR
oraclemysqlMatch5.0.80
OR
oraclemysqlMatch5.0.81
OR
oraclemysqlMatch5.0.82sp1
OR
oraclemysqlMatch5.0.83
OR
oraclemysqlMatch5.0.84sp1
OR
oraclemysqlMatch5.0.85
OR
oraclemysqlMatch5.0.86
OR
oraclemysqlMatch5.0.87sp1
OR
oraclemysqlMatch5.0.88
OR
oraclemysqlMatch5.0.89
OR
oraclemysqlMatch5.0.90
VendorProductVersionCPE
mysqlmysql*cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*
mysqlmysql5.1.23cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*
mysqlmysql5.1.31cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*
mysqlmysql5.1.32cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*
mysqlmysql5.1.34cpe:2.3:a:mysql:mysql:5.1.34:*:*:*:*:*:*:*
mysqlmysql5.1.37cpe:2.3:a:mysql:mysql:5.1.37:*:*:*:*:*:*:*
oraclemysql5.1.1cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
oraclemysql5.1.2cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
oraclemysql5.1.3cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
oraclemysql5.1.4cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 1151

References

Related

prion 1
veracode 1
cve 1
cvelist 1
exploitdb 1
ubuntucve 1
openvas 26
nessus 23
securityvulns 5
fedora 2
debian 2
centos 1
osv 1
redhat 2
oraclelinux 2
ubuntu 2
gentoo 1
prion
prion
Null pointer dereference
2011-01-11 20:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:42
cve
cve
CVE-2010-3682
2011-01-11 20:00:01
cvelist
cvelist
CVE-2010-3682
2011-01-11 19:00:00
exploitdb
exploitdb
MySQL 5.1.48 - 'EXPLAIN' Denial of Service
2010-08-20 00:00:00
ubuntucve
ubuntucve
CVE-2010-3682
2010-11-05 00:00:00
openvas
openvas
MySQL Mysqld Multiple Denial Of Service Vulnerabilities
2011-01-18 00:00:00
Mandriva Update for mysql MDVSA-2011:012 (mysql)
2011-01-21 00:00:00
Fedora Update for mysql FEDORA-2010-15147
2010-12-02 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : mysql (MDVSA-2011:012)
2011-01-28 00:00:00
Fedora 14 : mysql-5.1.50-2.fc14 (2010-15147)
2010-10-06 00:00:00
Fedora 13 : mysql-5.1.50-2.fc13 (2010-15166)
2010-10-06 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:155-1 ] mysql
2010-11-09 00:00:00
MySQL multiple security vulnerabilities
2010-11-15 00:00:00
[USN-1017-1] MySQL vulnerabilities
2010-11-15 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: mysql-5.1.50-2.fc14
2010-10-05 13:15:08
[SECURITY] Fedora 13 Update: mysql-5.1.50-2.fc13
2010-10-05 09:34:37
debian
debian
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
centos
centos
mysql security update
2010-11-05 14:26:35
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2011-01-14 00:00:00
redhat
redhat
(RHSA-2010:0825) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2011:0164) Moderate: mysql security update
2011-01-18 00:00:00
oraclelinux
oraclelinux
mysql security update
2010-11-03 00:00:00
mysql security update
2011-02-10 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-11-11 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

5.6

Confidence

Low

EPSS

0.039

Percentile

92.2%

JSON
Related for NVD:CVE-2010-3682
prion1veracode1cve1cvelist1exploitdb1ubuntucve1openvas26nessus23securityvulns5fedora2debian2centos1osv1redhat2oraclelinux2ubuntu2gentoo1