CVE-2007-1420

Severity

21%

Complexity

39%

Confidentiality

48%

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

MySQL

First reported 18 years ago

2007-03-12 23:19:00

Last updated 5 years ago

2019-12-17 20:16:00

Affected Software

MySQL MySQL 5.0.0

5.0.0

MySQL MySQL 5.0.1

5.0.1

MySQL MySQL 5.0.2

5.0.2

MySQL MySQL 5.0.3

5.0.3

MySQL MySQL 5.0.4

5.0.4

MySQL MySQL 5.0.5

5.0.5

MySQL MySQL 5.0.10

5.0.10

MySQL MySQL 5.0.15

5.0.15

MySQL MySQL 5.0.16

5.0.16

MySQL MySQL 5.0.17

5.0.17

MySQL MySQL 5.0.20

5.0.20

MySQL MySQL 5.0.24

5.0.24

MySQL 5.0.30

5.0.30

MySQL MySQL

Oracle MySQL 5.0.6

5.0.6

Oracle MySQL 5.0.7

5.0.7

Oracle MySQL 5.0.32

5.0.32

Oracle MySQL 5.0.41

5.0.41

References

http://bugs.mysql.com/bug.php?id=24630

GLSA-200705-11

2413

MDKSA-2007:139

RHSA-2008:0364

Vendor Advisory

http://www.sec-consult.com/284.html

Exploit

20070309 SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service

22900

Exploit, Patch

1017746

USN-440-1

ADV-2007-0908