CVE-2010-3840

2010-11-0500:00:00

ubuntu.com

0.01 Low

EPSS

Percentile

83.4%

JSON

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1
before 5.1.51 allows remote authenticated users to cause a denial of
service (server crash) by calling the PolyFromWKB function with Well-Known
Binary (WKB) data containing a crafted number of (1) line strings or (2)
line points.

Bugs

Notes

Author	Note
jdstrand	mysql-cluster-7.0 not supported per server team

OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchmysql-5.1< 5.1.49-1ubuntu8.1UNKNOWN
ubuntu6.06noarchmysql-dfsg-5.0< 5.0.22-0ubuntu6.06.15UNKNOWN
ubuntu8.04noarchmysql-dfsg-5.0< 5.0.51a-3ubuntu5.8UNKNOWN
ubuntu9.10noarchmysql-dfsg-5.1< 5.1.37-1ubuntu5.5UNKNOWN
ubuntu10.04noarchmysql-dfsg-5.1< 5.1.41-3ubuntu12.7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.10	noarch	mysql-5.1	< 5.1.49-1ubuntu8.1	UNKNOWN
ubuntu	6.06	noarch	mysql-dfsg-5.0	< 5.0.22-0ubuntu6.06.15	UNKNOWN
ubuntu	8.04	noarch	mysql-dfsg-5.0	< 5.0.51a-3ubuntu5.8	UNKNOWN
ubuntu	9.10	noarch	mysql-dfsg-5.1	< 5.1.37-1ubuntu5.5	UNKNOWN
ubuntu	10.04	noarch	mysql-dfsg-5.1	< 5.1.41-3ubuntu12.7	UNKNOWN