Ubuntu.comUB:CVE-2010-3838CVE-2010-3838
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.3%
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows
remote authenticated users to cause a denial of service (server crash) via
a query that uses the (1) GREATEST or (2) LEAST function with a mixed list
of numeric and LONGBLOB arguments, which is not properly handled when the
function’s result is “processed using an intermediate temporary table.”
Bugs
- <http://bugs.mysql.com/bug.php?id=54461>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599937>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3838>
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per server team |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.10 | noarch | mysql-5.1 | < 5.1.49-1ubuntu8.1 | UNKNOWN |
| ubuntu | 6.06 | noarch | mysql-dfsg-5.0 | < 5.0.22-0ubuntu6.06.15 | UNKNOWN |
| ubuntu | 8.04 | noarch | mysql-dfsg-5.0 | < 5.0.51a-3ubuntu5.8 | UNKNOWN |
| ubuntu | 9.10 | noarch | mysql-dfsg-5.1 | < 5.1.37-1ubuntu5.5 | UNKNOWN |
| ubuntu | 10.04 | noarch | mysql-dfsg-5.1 | < 5.1.41-3ubuntu12.7 | UNKNOWN |
Related
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.3%