Page 55 of 361 results (0.014 seconds)

CVSS: 4.0EPSS: 3%CPEs: 61EXPL: 4

CVE-2010-3681 – Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service

https://notcve.org/view.php?id=CVE-2010-3681

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.5 anteriores a 5.5.5, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio mysqld) mediante la interfaz HANDLER y realizar "alternate reads from two indexes on a table", lo que desencadena un fallo de aserción. • https://www.exploit-db.com/exploits/34520 http://bugs.mysql.com/bug.php?id=54007 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 http://www.debian.org/security/2011/dsa-21 •

CVSS: 5.0EPSS: 11%CPEs: 56EXPL: 4

CVE-2010-3678 – Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service

https://notcve.org/view.php?id=CVE-2010-3678

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. MySQL de Oracle versiones 5.1 anteriores a 5.1.49, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) por medio de operaciones (1) IN o (2) CASE con argumentos NULL que son especificados explícitamente o indirectamente proporcionados por el modificador WITH ROLLUP. • https://www.exploit-db.com/exploits/15467 http://bugs.mysql.com/bug.php?id=54477 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/42936 http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 http://www.mandriva.com/security/advisories?name=MDVSA-2011:012 http://www.openwall.com/lists/oss-security/2010/09/28/10 http://www.redhat.com/support • CWE-399: Resource Management Errors •

CVSS: 4.0EPSS: 4%CPEs: 56EXPL: 3

CVE-2010-3679 – Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service

https://notcve.org/view.php?id=CVE-2010-3679

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind. Oracle MySQL 5.1 ersiones anteriores a la 5.1.49 permite a los usuarios autenticados remotos provocar una denegación de servicio (bloqueo del demonio mysqld) a través de ciertos argumentos al comando BINLOG, que desencadena un acceso a la memoria no inicializada, como lo demuestra valgrind. • https://www.exploit-db.com/exploits/34521 http://bugs.mysql.com/bug.php?id=54393 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://secunia.com/advisories/42936 http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 http://www.mandriva.com/security/advisories?name=MDVSA-2011:012 http://www.openwall.com/lists/oss-security/2010/09/28/10 http://www.redhat.com/support/errata/RHSA-2011-0164.html http://www.securityfocus.com/bid/42638 http • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 11%CPEs: 116EXPL: 2

CVE-2010-3677 – MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)

https://notcve.org/view.php?id=CVE-2010-3677

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio de mysqld) por medio de una consulta join que utiliza una tabla con una columna SET única. • http://bugs.mysql.com/bug.php?id=54575 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 http://support.apple.com/kb/HT4723 http://www.debian.org/security/2011/dsa-2143&# • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 3%CPEs: 116EXPL: 4

CVE-2010-3682 – MySQL 5.1.48 - 'EXPLAIN' Denial of Service

https://notcve.org/view.php?id=CVE-2010-3682

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio mysqld) mediante el uso de EXPLAIN con declaraciones especialmente diseñadas "SELECT ... • https://www.exploit-db.com/exploits/34506 http://bugs.mysql.com/bug.php?id=52711 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 http://support.apple.com/kb/HT4723 http& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •