Lucene search

[email protected]NVD:CVE-2010-3835

HistoryJan 14, 2011 - 7:02 p.m.

CVE-2010-3835

2011-01-1419:02:42

CWE-189

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.

Affected configurations

NVD

Node

mysqlmysqlMatch5.1.5

mysqlmysqlMatch5.1.23

mysqlmysqlMatch5.1.31

mysqlmysqlMatch5.1.32

mysqlmysqlMatch5.1.34

mysqlmysqlMatch5.1.37

oraclemysqlMatch5.1

oraclemysqlMatch5.1.1

oraclemysqlMatch5.1.2

oraclemysqlMatch5.1.3

oraclemysqlMatch5.1.4

oraclemysqlMatch5.1.6

oraclemysqlMatch5.1.7

oraclemysqlMatch5.1.8

oraclemysqlMatch5.1.9

oraclemysqlMatch5.1.10

oraclemysqlMatch5.1.11

oraclemysqlMatch5.1.12

oraclemysqlMatch5.1.13

oraclemysqlMatch5.1.14

oraclemysqlMatch5.1.15

oraclemysqlMatch5.1.16

oraclemysqlMatch5.1.17

oraclemysqlMatch5.1.18

oraclemysqlMatch5.1.19

oraclemysqlMatch5.1.20

oraclemysqlMatch5.1.21

oraclemysqlMatch5.1.22

oraclemysqlMatch5.1.23a

oraclemysqlMatch5.1.24

oraclemysqlMatch5.1.25

oraclemysqlMatch5.1.26

oraclemysqlMatch5.1.27

oraclemysqlMatch5.1.28

oraclemysqlMatch5.1.29

oraclemysqlMatch5.1.30

oraclemysqlMatch5.1.31sp1

oraclemysqlMatch5.1.33

oraclemysqlMatch5.1.34sp1

oraclemysqlMatch5.1.35

oraclemysqlMatch5.1.36

oraclemysqlMatch5.1.37sp1

oraclemysqlMatch5.1.38

oraclemysqlMatch5.1.39

oraclemysqlMatch5.1.40

oraclemysqlMatch5.1.40sp1

oraclemysqlMatch5.1.41

oraclemysqlMatch5.1.42

oraclemysqlMatch5.1.43

oraclemysqlMatch5.1.43sp1

oraclemysqlMatch5.1.44

oraclemysqlMatch5.1.45

oraclemysqlMatch5.1.46

oraclemysqlMatch5.1.46sp1

oraclemysqlMatch5.1.47

oraclemysqlMatch5.1.48

oraclemysqlMatch5.1.49

oraclemysqlMatch5.1.49sp1

oraclemysqlMatch5.1.50

Node

oraclemysqlMatch5.5.0

oraclemysqlMatch5.5.1

oraclemysqlMatch5.5.2

oraclemysqlMatch5.5.3

oraclemysqlMatch5.5.4

oraclemysqlMatch5.5.5

References

bugs.mysql.com/bug.php?id=55564

dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html

dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html

lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

secunia.com/advisories/42875

secunia.com/advisories/42936

support.apple.com/kb/HT4723

www.debian.org/security/2011/dsa-2143

www.mandriva.com/security/advisories?name=MDVSA-2010:222

www.mandriva.com/security/advisories?name=MDVSA-2010:223

www.redhat.com/support/errata/RHSA-2010-0825.html

www.redhat.com/support/errata/RHSA-2011-0164.html

www.securityfocus.com/bid/43676

www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt

www.ubuntu.com/usn/USN-1017-1

www.ubuntu.com/usn/USN-1397-1

www.vupen.com/english/advisories/2011/0105

www.vupen.com/english/advisories/2011/0170

www.vupen.com/english/advisories/2011/0345

bugzilla.redhat.com/show_bug.cgi?id=640819

exchange.xforce.ibmcloud.com/vulnerabilities/64843

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for NVD:CVE-2010-3835

ubuntucve1 prion1 cvelist1 cve1 veracode1 openvas21 nessus25 redhat2 oraclelinux2 debian2 osv1 centos1 securityvulns4 ubuntu2 gentoo1