CVE-2010-3679

Mysql - Resource Management Error

Title source: rule
STIX 2.1

Description

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Shane Bester · textdoslinux
https://www.exploit-db.com/exploits/34521

References (14)

Core 14
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1397-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1017-1
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64687
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-0164.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0170
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0133
Patch x_refsource_confirm
http://bugs.mysql.com/bug.php?id=54393
Various Sources x_refsource_confirm
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Exploit, Patch x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=628062
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42936
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/28/10
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/42638

Scores

EPSS 0.0455
EPSS Percentile 89.2%

Details

CWE
CWE-399
Status published
Products (48)
mysql/mysql 5.1.5
mysql/mysql 5.1.23
mysql/mysql 5.1.31
mysql/mysql 5.1.32
mysql/mysql 5.1.34
mysql/mysql 5.1.37
oracle/mysql 5.1
oracle/mysql 5.1.1
oracle/mysql 5.1.2
oracle/mysql 5.1.3
... and 38 more
Published Jan 11, 2011
Tracked Since Feb 18, 2026