CVE-2010-3676 : Detail

CVE-2010-3676

2.36%V3
Network
2011-01-11
18h00 +00:00
2017-08-16
12h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 4 AV:N/AC:L/Au:S/C:N/I:N/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 34522

Publication date : 2010-07-08 22h00 +00:00
Author : Elena Stepanova
EDB Verified : Yes

source: https://www.securityfocus.com/bid/42643/info MySQL is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the database, denying access to legitimate users. Versions prior to MySQL 5.1.49 are vulnerable. NOTE: This issue was previously disclosed in BID 42586 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been assigned its own record. thd->query at 0x14bcdf0 = CREATE TEMPORARY TABLE operations ( op VARCHAR(16) ) ENGINE =InnoDB

Products Mentioned

Configuraton 0

Mysql>>Mysql >> Version 5.1.5

Mysql>>Mysql >> Version 5.1.23

Mysql>>Mysql >> Version 5.1.31

Mysql>>Mysql >> Version 5.1.32

Mysql>>Mysql >> Version 5.1.34

Mysql>>Mysql >> Version 5.1.37

Oracle>>Mysql >> Version 5.1

Oracle>>Mysql >> Version 5.1.1

Oracle>>Mysql >> Version 5.1.2

Oracle>>Mysql >> Version 5.1.3

Oracle>>Mysql >> Version 5.1.4

Oracle>>Mysql >> Version 5.1.6

Oracle>>Mysql >> Version 5.1.7

Oracle>>Mysql >> Version 5.1.8

Oracle>>Mysql >> Version 5.1.9

Oracle>>Mysql >> Version 5.1.10

Oracle>>Mysql >> Version 5.1.11

Oracle>>Mysql >> Version 5.1.12

Oracle>>Mysql >> Version 5.1.13

Oracle>>Mysql >> Version 5.1.14

Oracle>>Mysql >> Version 5.1.15

Oracle>>Mysql >> Version 5.1.16

Oracle>>Mysql >> Version 5.1.17

Oracle>>Mysql >> Version 5.1.18

Oracle>>Mysql >> Version 5.1.19

Oracle>>Mysql >> Version 5.1.20

Oracle>>Mysql >> Version 5.1.21

Oracle>>Mysql >> Version 5.1.22

Oracle>>Mysql >> Version 5.1.23

Oracle>>Mysql >> Version 5.1.24

Oracle>>Mysql >> Version 5.1.25

Oracle>>Mysql >> Version 5.1.26

Oracle>>Mysql >> Version 5.1.27

Oracle>>Mysql >> Version 5.1.28

Oracle>>Mysql >> Version 5.1.29

Oracle>>Mysql >> Version 5.1.30

Oracle>>Mysql >> Version 5.1.31

Oracle>>Mysql >> Version 5.1.33

Oracle>>Mysql >> Version 5.1.34

Oracle>>Mysql >> Version 5.1.35

Oracle>>Mysql >> Version 5.1.36

Oracle>>Mysql >> Version 5.1.37

Oracle>>Mysql >> Version 5.1.38

Oracle>>Mysql >> Version 5.1.39

Oracle>>Mysql >> Version 5.1.40

Oracle>>Mysql >> Version 5.1.40

Oracle>>Mysql >> Version 5.1.41

Oracle>>Mysql >> Version 5.1.42

Oracle>>Mysql >> Version 5.1.43

Oracle>>Mysql >> Version 5.1.43

Oracle>>Mysql >> Version 5.1.44

Oracle>>Mysql >> Version 5.1.45

Oracle>>Mysql >> Version 5.1.46

Oracle>>Mysql >> Version 5.1.46

Oracle>>Mysql >> Version 5.1.47

Oracle>>Mysql >> Version 5.1.48

References

http://bugs.mysql.com/bug.php?id=55039
Tags : x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
Tags : vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2011/0133
Tags : vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/42643
Tags : vdb-entry, x_refsource_BID
http://www.openwall.com/lists/oss-security/2010/09/28/10
Tags : mailing-list, x_refsource_MLIST