MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
04 Aug 2022, 19:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.29:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.67:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.2.14:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.3.12:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:* cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:* cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* |
First Time |
Opensuse opensuse
Oracle mysql Suse linux Enterprise Server Debian Canonical ubuntu Linux Canonical Suse linux Enterprise Software Development Kit Debian debian Linux Opensuse Suse linux Enterprise Desktop Suse Oracle |
|
References | (GENTOO) http://security.gentoo.org/glsa/glsa-201409-04.xml - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/52639 - Not Applicable | |
References | (SUSE) http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html - Mailing List, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/58511 - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=919247 - Issue Tracking, Third Party Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/82895 - Third Party Advisory, VDB Entry | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-1909-1 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/54300 - Not Applicable | |
References | (OSVDB) http://www.osvdb.org/91415 - Broken Link | |
References | (SUSE) http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html - Mailing List, Third Party Advisory | |
References | (MLIST) http://seclists.org/oss-sec/2013/q1/671 - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://mariadb.atlassian.net/browse/MDEV-4252 - Broken Link | |
References | (MLIST) http://lists.askmonty.org/pipermail/commits/2013-March/004371.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2013/dsa-2818 - Third Party Advisory |
Information
Published : 2013-03-28 23:55
Updated : 2023-12-10 11:16
NVD link : CVE-2013-1861
Mitre link : CVE-2013-1861
CVE.ORG link : CVE-2013-1861
JSON object : View
Products Affected
suse
- linux_enterprise_server
- linux_enterprise_desktop
- linux_enterprise_software_development_kit
opensuse
- opensuse
debian
- debian_linux
redhat
- enterprise_linux
oracle
- mysql
canonical
- ubuntu_linux
mariadb
- mariadb
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer