2.1

CVE-2007-1420

Exploit

EPSS 0.07%
Veröffentlicht 12.03.2007 23:19:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 23

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mysql ≫ Mysql Version <= 5.0.33

Mysql ≫ Mysql Version5.0.0

Mysql ≫ Mysql Version5.0.1

Mysql ≫ Mysql Version5.0.2

Mysql ≫ Mysql Version5.0.3

Mysql ≫ Mysql Version5.0.4

Mysql ≫ Mysql Version5.0.5

Mysql ≫ Mysql Version5.0.10

Mysql ≫ Mysql Version5.0.15

Mysql ≫ Mysql Version5.0.16

Mysql ≫ Mysql Version5.0.17

Mysql ≫ Mysql Version5.0.20

Mysql ≫ Mysql Version5.0.24

Mysql ≫ Mysql Version5.0.30

Oracle ≫ Mysql Version5.0.6

Oracle ≫ Mysql Version5.0.7

Oracle ≫ Mysql Version5.0.32

Oracle ≫ Mysql Version5.0.41

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.21

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/30351

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-0364.html

Vendor Advisory

http://bugs.mysql.com/bug.php?id=24630

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html

Vendor Advisory

http://secunia.com/advisories/24483

Vendor Advisory

http://secunia.com/advisories/24609

Vendor Advisory

http://secunia.com/advisories/25196

Vendor Advisory

http://secunia.com/advisories/25389

Vendor Advisory

http://secunia.com/advisories/25946

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200705-11.xml

http://securityreason.com/securityalert/2413

http://www.mandriva.com/security/advisories?name=MDKSA-2007:139

http://www.sec-consult.com/284.html

Exploit

http://www.securityfocus.com/archive/1/462339/100/0/threaded

http://www.securityfocus.com/bid/22900

Patch

Exploit

http://www.securitytracker.com/id?1017746

http://www.ubuntu.com/usn/usn-440-1

http://www.vupen.com/english/advisories/2007/0908

Vendor Advisory

https://issues.rpath.com/browse/RPL-1127

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530

https://nvd.nist.gov/vuln/detail/CVE-2007-1420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1420

EUVD