Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2010-3681

Published: 11/01/2011 Updated: 17/12/2019
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Mysql

Vulnerability Summary

Oracle MySQL 5.1 prior to 5.1.49 and 5.5 prior to 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql 5.1.46

oracle mysql 5.1.47

oracle mysql 5.1.23

oracle mysql 5.1.36

oracle mysql 5.1.48

oracle mysql 5.1.6

oracle mysql 5.1.3

oracle mysql 5.1.14

oracle mysql 5.1.11

oracle mysql 5.1.10

oracle mysql 5.1

oracle mysql 5.1.19

oracle mysql 5.1.20

oracle mysql 5.1.40

oracle mysql 5.1.31

oracle mysql 5.1.43

mysql mysql 5.1.23

oracle mysql 5.1.42

mysql mysql 5.1.37

oracle mysql 5.1.38

oracle mysql 5.1.4

oracle mysql 5.1.9

oracle mysql 5.1.12

oracle mysql 5.1.17

mysql mysql 5.1.32

oracle mysql 5.1.1

oracle mysql 5.1.28

oracle mysql 5.1.29

oracle mysql 5.1.34

oracle mysql 5.1.24

mysql mysql 5.1.31

mysql mysql 5.1.34

oracle mysql 5.1.35

oracle mysql 5.1.41

mysql mysql 5.1.5

oracle mysql 5.1.8

oracle mysql 5.1.13

oracle mysql 5.1.16

oracle mysql 5.1.30

oracle mysql 5.1.18

oracle mysql 5.1.27

oracle mysql 5.1.37

oracle mysql 5.1.33

oracle mysql 5.1.44

oracle mysql 5.1.39

oracle mysql 5.1.7

oracle mysql 5.1.45

oracle mysql 5.1.2

oracle mysql 5.1.15

oracle mysql 5.1.21

oracle mysql 5.1.22

oracle mysql 5.1.26

oracle mysql 5.1.25

oracle mysql 5.5.2

oracle mysql 5.5.3

oracle mysql 5.5.4

oracle mysql 5.5.0

oracle mysql 5.5.1

Vendor Advisories

Debian Security Advisories: DSA-2143-1 mysql-dfsg-5.0 -- several vulnerabilities
Several vulnerabilities have been discovered in the MySQL database server The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3677 It was discovered that MySQL allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET col ...
Ubuntu Security Notice: mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities
Several security issues were fixed in MySQL ...
Ubuntu Security Notice: mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities
It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command An authenticated user could exploit this to make MySQL crash, causing a denial of service This issue only affected Ubuntu 910 and 1004 LTS (CVE-2010-2008) ...

Exploits

Exploit DB: Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service
source: wwwsecurityfocuscom/bid/42633/info MySQL is prone to a denial-of-service vulnerability An attacker can exploit this issue to crash the database, denying access to legitimate users This issue affects versions prior to MySQL 5149 NOTE: This issue was previously covered in BID 42586 (Oracle MySQL Prior to 5149 Multiple Deni ...

References

NVD-CWE-Otherhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=628680http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.htmlhttp://www.openwall.com/lists/oss-security/2010/09/28/10http://bugs.mysql.com/bug.php?id=54007http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://www.ubuntu.com/usn/USN-1017-1http://secunia.com/advisories/42875http://www.mandriva.com/security/advisories?name=MDVSA-2010:222http://www.mandriva.com/security/advisories?name=MDVSA-2010:155http://www.redhat.com/support/errata/RHSA-2010-0824.htmlhttp://www.debian.org/security/2011/dsa-2143http://www.vupen.com/english/advisories/2011/0105http://www.securityfocus.com/bid/42633http://www.mandriva.com/security/advisories?name=MDVSA-2011:012http://www.vupen.com/english/advisories/2011/0133http://www.redhat.com/support/errata/RHSA-2010-0825.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0164.htmlhttp://www.vupen.com/english/advisories/2011/0170http://secunia.com/advisories/42936http://www.vupen.com/english/advisories/2011/0345http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/64685http://www.ubuntu.com/usn/USN-1397-1https://nvd.nist.govhttps://www.debian.org/security/./dsa-2143https://usn.ubuntu.com/1397-1/https://www.exploit-db.com/exploits/34520/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook