Lucene search
Ubuntu.comUB:CVE-2010-3840HistoryNov 05, 2010 - 12:00 a.m.
CVE-2010-3840
2010-11-0500:00:00
ubuntu.com
ubuntu.com
25
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
0.011
Percentile
84.6%
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1
before 5.1.51 allows remote authenticated users to cause a denial of
service (server crash) by calling the PolyFromWKB function with Well-Known
Binary (WKB) data containing a crafted number of (1) line strings or (2)
line points.
Bugs
- <http://bugs.mysql.com/bug.php?id=51875>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599937>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3840>
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per server team |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.10 | noarch | mysql-5.1 | < 5.1.49-1ubuntu8.1 | UNKNOWN |
| ubuntu | 6.06 | noarch | mysql-dfsg-5.0 | < 5.0.22-0ubuntu6.06.15 | UNKNOWN |
| ubuntu | 8.04 | noarch | mysql-dfsg-5.0 | < 5.0.51a-3ubuntu5.8 | UNKNOWN |
| ubuntu | 9.10 | noarch | mysql-dfsg-5.1 | < 5.1.37-1ubuntu5.5 | UNKNOWN |
| ubuntu | 10.04 | noarch | mysql-dfsg-5.1 | < 5.1.41-3ubuntu12.7 | UNKNOWN |
Related
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:30
nvd
nvd
CVE-2010-3840
2011-01-14 19:02:44
prion
prion
Code injection
2011-01-14 19:02:00
openvas
openvas
MySQL 'Gis_line_string::init_from_wkb()' DOS Vulnerability
2011-01-21 00:00:00
CentOS Update for mysql CESA-2010:0824 centos4 i386
2010-11-16 00:00:00
CentOS Update for mysql CESA-2010:0824 centos4 i386
2010-11-16 00:00:00
cve
cve
CVE-2010-3840
2011-01-14 19:02:44
cvelist
cvelist
CVE-2010-3840
2011-01-14 18:00:00
oraclelinux
oraclelinux
mysql security update
2010-11-03 00:00:00
mysql security update
2010-11-03 00:00:00
mysql security update
2011-02-10 00:00:00
nessus
nessus
CentOS 4 : mysql (CESA-2010:0824)
2010-11-24 00:00:00
Oracle Linux 4 : mysql (ELSA-2010-0824)
2013-07-12 00:00:00
Scientific Linux Security Update : mysql on SL4.x i386/x86_64
2012-08-01 00:00:00
centos
centos
mysql security update
2010-11-05 14:22:54
mysql security update
2010-11-05 14:26:35
redhat
redhat
(RHSA-2010:0824) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2010:0825) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2011:0164) Moderate: mysql security update
2011-01-18 00:00:00
debian
debian
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2011-01-14 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-11-11 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
securityvulns
securityvulns
[USN-1017-1] MySQL vulnerabilities
2010-11-15 00:00:00
MySQL multiple security vulnerabilities
2010-11-15 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
0.011
Percentile
84.6%
Related for UB:CVE-2010-3840