Ubuntu.comUB:CVE-2009-4019CVE-2009-4019
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.111 Low
EPSS
Percentile
95.1%
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1)
properly handle errors during execution of certain SELECT statements with
subqueries, and does not (2) preserve certain null_value flags during
execution of statements that use the GeomFromWKB function, which allows
remote authenticated users to cause a denial of service (daemon crash) via
a crafted statement.
Bugs
- <http://bugs.mysql.com/47780>
- <http://bugs.mysql.com/48291>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4019>
Notes
| Author | Note |
|---|---|
| mdeslaur | per upstream, bug 48291 was introduced in 5.0.32 and 5.1.15 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | mysql-dfsg-5.0 | <Β 5.0.22-0ubuntu6.06.12 | UNKNOWN |
| ubuntu | 8.04 | noarch | mysql-dfsg-5.0 | <Β 5.0.51a-3ubuntu5.5 | UNKNOWN |
| ubuntu | 8.10 | noarch | mysql-dfsg-5.0 | <Β 5.0.67-0ubuntu6.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | mysql-dfsg-5.0 | <Β 5.1.30really5.0.75-0ubuntu10.3 | UNKNOWN |
| ubuntu | 9.10 | noarch | mysql-dfsg-5.1 | <Β 5.1.37-1ubuntu5.1 | UNKNOWN |
Related
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.111 Low
EPSS
Percentile
95.1%