4

CVE-2007-5925

The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Version <= 5.1.23_bk
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.35% 0.954
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
http://secunia.com/advisories/28838
http://secunia.com/advisories/27823
http://www.debian.org/security/2007/dsa-1413
http://secunia.com/advisories/28040
http://secunia.com/advisories/28108
http://secunia.com/advisories/28128
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959
http://www.mandriva.com/security/advisories?name=MDKSA-2007:243
https://usn.ubuntu.com/559-1/
http://bugs.gentoo.org/show_bug.cgi?id=198988
http://bugs.mysql.com/bug.php?id=32125
http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html
http://secunia.com/advisories/27568
http://secunia.com/advisories/27649
http://secunia.com/advisories/28025
http://secunia.com/advisories/28099
http://security.gentoo.org/glsa/glsa-200711-25.xml
http://www.redhat.com/support/errata/RHSA-2007-1155.html
http://www.redhat.com/support/errata/RHSA-2007-1157.html
http://www.securityfocus.com/bid/26353
http://www.securitytracker.com/id?1018978
http://www.ubuntu.com/usn/USN-1397-1
http://www.vupen.com/english/advisories/2007/3903
https://exchange.xforce.ibmcloud.com/vulnerabilities/38284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11390
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html