Computer Security
[EN] securityvulns.ru no-pyccku


MySQL subselect DoS
Published:09.03.2007
Source:
SecurityVulns ID:7368
Type:local
Threat Level:
5/10
Description:NULL pointer dereference if string function is applied to select with "order by" result.
Affected:ORACLE : MySQL 5.0
CVE:CVE-2007-1420 (MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.)
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service (09.03.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod