CVE-2007-2583
MySQL < 5.0.40 and 5.1 < 5.1.18-beta - Denial of Service via Crafted IF Clause
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-2583. PoCs published by Neil Kettle.
AI-analyzed exploit summary This exploit leverages a MySQL vulnerability (CVE-2007-2583) by crafting a malicious SELECT query that triggers a division-by-zero error, causing a denial-of-service (DoS) condition. The query uses a subquery with an IF statement to force the error.
Description
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
Exploits (1)
This exploit leverages a MySQL vulnerability (CVE-2007-2583) by crafting a malicious SELECT query that triggers a division-by-zero error, causing a denial-of-service (DoS) condition. The query uses a subquery with an IF statement to force the error.