Description
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Elena Stepanova · textdoslinux
https://www.exploit-db.com/exploits/34522
References (8)
Core 8
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
Exploit x_refsource_confirm
http://bugs.mysql.com/bug.php?id=55039
Exploit x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=628660
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64689
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0133
Various Sources x_refsource_confirm
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/42643
Exploit mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/28/10
Scores
EPSS
0.0307
EPSS Percentile
86.8%
Details
Status
published
Products (48)
mysql/mysql
5.1.5
mysql/mysql
5.1.23
mysql/mysql
5.1.31
mysql/mysql
5.1.32
mysql/mysql
5.1.34
mysql/mysql
5.1.37
oracle/mysql
5.1
oracle/mysql
5.1.1
oracle/mysql
5.1.2
oracle/mysql
5.1.3
... and 38 more
Published
Jan 11, 2011
Tracked Since
Feb 18, 2026