Lucene search

[email protected]NVD:CVE-2010-3839

HistoryJan 14, 2011 - 7:02 p.m.

CVE-2010-3839

2011-01-1419:02:44

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

5.8 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.

Affected configurations

NVD

Node

mysqlmysqlMatch5.1.5

mysqlmysqlMatch5.1.23

mysqlmysqlMatch5.1.31

mysqlmysqlMatch5.1.32

mysqlmysqlMatch5.1.34

mysqlmysqlMatch5.1.37

oraclemysqlMatch5.1

oraclemysqlMatch5.1.1

oraclemysqlMatch5.1.2

oraclemysqlMatch5.1.3

oraclemysqlMatch5.1.4

oraclemysqlMatch5.1.6

oraclemysqlMatch5.1.7

oraclemysqlMatch5.1.8

oraclemysqlMatch5.1.9

oraclemysqlMatch5.1.10

oraclemysqlMatch5.1.11

oraclemysqlMatch5.1.12

oraclemysqlMatch5.1.13

oraclemysqlMatch5.1.14

oraclemysqlMatch5.1.15

oraclemysqlMatch5.1.16

oraclemysqlMatch5.1.17

oraclemysqlMatch5.1.18

oraclemysqlMatch5.1.19

oraclemysqlMatch5.1.20

oraclemysqlMatch5.1.21

oraclemysqlMatch5.1.22

oraclemysqlMatch5.1.23a

oraclemysqlMatch5.1.24

oraclemysqlMatch5.1.25

oraclemysqlMatch5.1.26

oraclemysqlMatch5.1.27

oraclemysqlMatch5.1.28

oraclemysqlMatch5.1.29

oraclemysqlMatch5.1.30

oraclemysqlMatch5.1.31sp1

oraclemysqlMatch5.1.33

oraclemysqlMatch5.1.34sp1

oraclemysqlMatch5.1.35

oraclemysqlMatch5.1.36

oraclemysqlMatch5.1.37sp1

oraclemysqlMatch5.1.38

oraclemysqlMatch5.1.39

oraclemysqlMatch5.1.40

oraclemysqlMatch5.1.40sp1

oraclemysqlMatch5.1.41

oraclemysqlMatch5.1.42

oraclemysqlMatch5.1.43

oraclemysqlMatch5.1.43sp1

oraclemysqlMatch5.1.44

oraclemysqlMatch5.1.45

oraclemysqlMatch5.1.46

oraclemysqlMatch5.1.46sp1

oraclemysqlMatch5.1.47

oraclemysqlMatch5.1.48

oraclemysqlMatch5.1.49

oraclemysqlMatch5.1.49sp1

oraclemysqlMatch5.1.50

Node

oraclemysqlMatch5.5.0

oraclemysqlMatch5.5.1

oraclemysqlMatch5.5.2

oraclemysqlMatch5.5.3

oraclemysqlMatch5.5.4

oraclemysqlMatch5.5.5

References

bugs.mysql.com/bug.php?id=53544

dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html

dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html

secunia.com/advisories/42936

www.mandriva.com/security/advisories?name=MDVSA-2010:222

www.mandriva.com/security/advisories?name=MDVSA-2010:223

www.redhat.com/support/errata/RHSA-2010-0825.html

www.redhat.com/support/errata/RHSA-2011-0164.html

www.securityfocus.com/bid/43676

www.ubuntu.com/usn/USN-1017-1

www.ubuntu.com/usn/USN-1397-1

www.vupen.com/english/advisories/2011/0170

bugzilla.redhat.com/show_bug.cgi?id=640861

exchange.xforce.ibmcloud.com/vulnerabilities/64839

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

5.8 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON

Related for NVD:CVE-2010-3839

veracode1 cve1 prion1 cvelist1 ubuntucve1 openvas18 nessus22 redhat2 centos1 oraclelinux2 ubuntu2 securityvulns2 gentoo1