The in_decimal::set function in item_cmpfunc.cc in MySQL prior to 5.0.40, and 5.1 prior to 5.1.18-beta, allows context-dependent malicious users to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle mysql |
||
debian debian linux 3.1 |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 7.04 |