CVE-2010-3679

EUVD-2010-3663
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
mysqlmysql
5.1.5
mysqlmysql
5.1.23
mysqlmysql
5.1.31
mysqlmysql
5.1.32
mysqlmysql
5.1.34
mysqlmysql
5.1.37
oraclemysql
5.1
oraclemysql
5.1.1
oraclemysql
5.1.2
oraclemysql
5.1.3
oraclemysql
5.1.4
oraclemysql
5.1.6
oraclemysql
5.1.7
oraclemysql
5.1.8
oraclemysql
5.1.9
oraclemysql
5.1.10
oraclemysql
5.1.11
oraclemysql
5.1.12
oraclemysql
5.1.13
oraclemysql
5.1.14
oraclemysql
5.1.15
oraclemysql
5.1.16
oraclemysql
5.1.17
oraclemysql
5.1.18
oraclemysql
5.1.19
oraclemysql
5.1.20
oraclemysql
5.1.21
oraclemysql
5.1.22
oraclemysql
5.1.23:a
oraclemysql
5.1.24
oraclemysql
5.1.25
oraclemysql
5.1.26
oraclemysql
5.1.27
oraclemysql
5.1.28
oraclemysql
5.1.29
oraclemysql
5.1.30
oraclemysql
5.1.31:sp1
oraclemysql
5.1.33
oraclemysql
5.1.34:sp1
oraclemysql
5.1.35
oraclemysql
5.1.36
oraclemysql
5.1.37:sp1
oraclemysql
5.1.38
oraclemysql
5.1.39
oraclemysql
5.1.40
oraclemysql
5.1.40:sp1
oraclemysql
5.1.41
oraclemysql
5.1.42
oraclemysql
5.1.43
oraclemysql
5.1.43:sp1
oraclemysql
5.1.44
oraclemysql
5.1.45
oraclemysql
5.1.46
oraclemysql
5.1.46:sp1
oraclemysql
5.1.47
oraclemysql
5.1.48
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mysql-5.1
dapper
dne
hardy
dne
karmic
dne
lucid
dne
maverick
not-affected
natty
not-affected
oneiric
not-affected
mysql-cluster-7.0
dapper
dne
hardy
dne
karmic
dne
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
mysql-dfsg-5.0
dapper
not-affected
hardy
not-affected
karmic
not-affected
lucid
dne
maverick
dne
natty
dne
oneiric
dne
mysql-dfsg-5.1
dapper
dne
hardy
dne
karmic
Fixed 5.1.37-1ubuntu5.5
released
lucid
Fixed 5.1.41-3ubuntu12.7
released
maverick
dne
natty
dne
oneiric
dne
Common Weakness Enumeration
References
http://bugs.mysql.com/bug.php?id=54393
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
http://secunia.com/advisories/42936
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
http://www.openwall.com/lists/oss-security/2010/09/28/10
http://www.redhat.com/support/errata/RHSA-2011-0164.html
http://www.securityfocus.com/bid/42638
http://www.ubuntu.com/usn/USN-1017-1
http://www.ubuntu.com/usn/USN-1397-1
http://www.vupen.com/english/advisories/2011/0133
http://www.vupen.com/english/advisories/2011/0170
https://bugzilla.redhat.com/show_bug.cgi?id=628062
https://exchange.xforce.ibmcloud.com/vulnerabilities/64687
http://bugs.mysql.com/bug.php?id=54393
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
http://secunia.com/advisories/42936
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
http://www.openwall.com/lists/oss-security/2010/09/28/10
http://www.redhat.com/support/errata/RHSA-2011-0164.html
http://www.securityfocus.com/bid/42638
http://www.ubuntu.com/usn/USN-1017-1
http://www.ubuntu.com/usn/USN-1397-1
http://www.vupen.com/english/advisories/2011/0133
http://www.vupen.com/english/advisories/2011/0170
https://bugzilla.redhat.com/show_bug.cgi?id=628062
https://exchange.xforce.ibmcloud.com/vulnerabilities/64687