2.1

CVE-2007-1420

Exploit
MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Version <= 5.0.33
MysqlMysql Version5.0.0
MysqlMysql Version5.0.1
MysqlMysql Version5.0.2
MysqlMysql Version5.0.3
MysqlMysql Version5.0.4
MysqlMysql Version5.0.5
MysqlMysql Version5.0.10
MysqlMysql Version5.0.15
MysqlMysql Version5.0.16
MysqlMysql Version5.0.17
MysqlMysql Version5.0.20
MysqlMysql Version5.0.24
MysqlMysql Version5.0.30
OracleMysql Version5.0.6
OracleMysql Version5.0.7
OracleMysql Version5.0.32
OracleMysql Version5.0.41
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.99% 0.577
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/30351
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0364.html
Vendor Advisory
http://bugs.mysql.com/bug.php?id=24630
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html
Vendor Advisory
http://secunia.com/advisories/24483
Vendor Advisory
http://secunia.com/advisories/24609
Vendor Advisory
http://secunia.com/advisories/25196
Vendor Advisory
http://secunia.com/advisories/25389
Vendor Advisory
http://secunia.com/advisories/25946
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200705-11.xml
http://securityreason.com/securityalert/2413
http://www.mandriva.com/security/advisories?name=MDKSA-2007:139
http://www.sec-consult.com/284.html
Exploit
http://www.securityfocus.com/archive/1/462339/100/0/threaded
http://www.securityfocus.com/bid/22900
Patch
Exploit
http://www.securitytracker.com/id?1017746
http://www.ubuntu.com/usn/usn-440-1
http://www.vupen.com/english/advisories/2007/0908
Vendor Advisory
https://issues.rpath.com/browse/RPL-1127
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530