Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-3833
HistoryNov 05, 2010 - 12:00 a.m.

CVE-2010-3833

2010-11-0500:00:00
ubuntu.com
ubuntu.com
17

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.055

Percentile

93.3%

JSON

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not
properly propagate type errors, which allows remote attackers to cause a
denial of service (server crash) via crafted arguments to extreme-value
functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and
a “CREATE TABLE … SELECT.”

Bugs

Notes

Author Note
jdstrand mysql-cluster-7.0 not supported per server team
mdeslaur can’t reproduce on dapper, and code is different
OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchmysql-5.1< 5.1.49-1ubuntu8.1UNKNOWN
ubuntu8.04noarchmysql-dfsg-5.0< 5.0.51a-3ubuntu5.8UNKNOWN
ubuntu9.10noarchmysql-dfsg-5.1< 5.1.37-1ubuntu5.5UNKNOWN
ubuntu10.04noarchmysql-dfsg-5.1< 5.1.41-3ubuntu12.7UNKNOWN

Related

cvelist 1
cve 1
veracode 1
prion 1
nvd 1
openvas 21
nessus 26
debian 2
centos 1
osv 1
redhat 2
oraclelinux 2
ubuntu 2
securityvulns 4
gentoo 1
cvelist
cvelist
CVE-2010-3833
2011-01-14 18:00:00
cve
cve
CVE-2010-3833
2011-01-14 19:01:15
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:43
prion
prion
Code injection
2011-01-14 19:01:00
nvd
nvd
CVE-2010-3833
2011-01-14 19:01:15
openvas
openvas
MySQL Multiple Denial of Service Vulnerabilities
2011-01-21 00:00:00
Oracle MySQL < 5.1.51 Multiple DoS Vulnerabilities
2010-11-10 00:00:00
Mandriva Update for mysql MDVSA-2010:223 (mysql)
2010-11-16 00:00:00
nessus
nessus
MySQL < 5.0.92 Multiple Denial of Service
2012-01-18 00:00:00
MySQL < 5.5.6 Multiple Denial of Service
2012-01-18 00:00:00
openSUSE Security Update : libmariadbclient16 (openSUSE-SU-2011:0743-1)
2014-06-13 00:00:00
debian
debian
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
centos
centos
mysql security update
2010-11-05 14:26:35
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2011-01-14 00:00:00
redhat
redhat
(RHSA-2010:0825) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2011:0164) Moderate: mysql security update
2011-01-18 00:00:00
oraclelinux
oraclelinux
mysql security update
2010-11-03 00:00:00
mysql security update
2011-02-10 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-11-11 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
securityvulns
securityvulns
MySQL multiple security vulnerabilities
2010-11-15 00:00:00
[USN-1017-1] MySQL vulnerabilities
2010-11-15 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.055

Percentile

93.3%

JSON
Related for UB:CVE-2010-3833
cvelist1cve1veracode1prion1nvd1openvas21nessus26debian2centos1osv1redhat2oraclelinux2ubuntu2securityvulns4gentoo1