Lucene search

[email protected]NVD:CVE-2013-1861

HistoryMar 28, 2013 - 11:55 p.m.

CVE-2013-1861

2013-03-2823:55:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.901

Percentile

98.8%

JSON

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Affected configurations

Nvd

Node

mariadbmariadbRange5.5.0–5.5.32

mariadbmariadbRange10.0.0–10.0.4

Node

oraclemysqlRange5.1.0–5.1.69

oraclemysqlRange5.5.0–5.5.31

oraclemysqlRange5.6.0–5.6.11

Node

redhatenterprise_linuxMatch5

redhatenterprise_linuxMatch6.0

Node

mariadbmariadbRange5.5.0–5.5.32

mariadbmariadbRange10.0.0–10.0.4

Node

debiandebian_linuxMatch7.0

Node

canonicalubuntu_linuxMatch10.04-

canonicalubuntu_linuxMatch12.04-

canonicalubuntu_linuxMatch12.10

canonicalubuntu_linuxMatch13.04

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

suselinux_enterprise_desktopMatch11sp3

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

suselinux_enterprise_software_development_kitMatch11sp3

VendorProductVersionCPE
mariadbmariadb*cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
oraclemysql*cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
redhatenterprise_linux5cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
redhatenterprise_linux6.0cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
canonicalubuntu_linux10.04cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
canonicalubuntu_linux12.10cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
canonicalubuntu_linux13.04cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
opensuseopensuse11.4cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mariadb	mariadb	*	cpe:2.3:a:mariadb:mariadb::::::::
oracle	mysql	*	cpe:2.3:a:oracle:mysql::::::::
redhat	enterprise_linux	5	cpe:2.3:o:redhat:enterprise_linux:5:::::::*
redhat	enterprise_linux	6.0	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
debian	debian_linux	7.0	cpe:2.3:o:debian:debian_linux:7.0:::::::*
canonical	ubuntu_linux	10.04	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
canonical	ubuntu_linux	12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
canonical	ubuntu_linux	12.10	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
canonical	ubuntu_linux	13.04	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
opensuse	opensuse	11.4	cpe:2.3:o:opensuse:opensuse:11.4:::::::*