CVE-2010-3683

Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via LOAD DATA INFILE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3683. PoCs published by Elena Stepanova.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in MySQL by creating a table and attempting to load data from a non-existent file, causing the database to crash. The issue affects versions prior to MySQL 5.1.49.

Description

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Elena Stepanova · textdoslinux

https://www.exploit-db.com/exploits/34510

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service vulnerability in MySQL by creating a table and attempting to load data from a non-existent file, causing the database to crash. The issue affects versions prior to MySQL 5.1.49.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: MySQL prior to 5.1.49

Auth required

Prerequisites: Access to a MySQL server with sufficient privileges to create tables and execute LOAD DATA LOCAL INFILE

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17

Core References

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1397-1

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1017-1

Various Sources x_refsource_confirm

http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2011:012

Exploit, Patch x_refsource_confirm

http://bugs.mysql.com/bug.php?id=52512

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0164.html

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0170

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0133

Various Sources x_refsource_confirm

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2010:155

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42936

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html

Exploit, Patch x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=628698

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/42625

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/64683

Exploit, Patch mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2010/09/28/10

Scores

EPSS 0.1223

EPSS Percentile 95.7%

Details

Status published

Products (48)

mysql/mysql 5.1.5

mysql/mysql 5.1.23

mysql/mysql 5.1.31

mysql/mysql 5.1.32

mysql/mysql 5.1.34

mysql/mysql 5.1.37

oracle/mysql 5.1

oracle/mysql 5.1.1

oracle/mysql 5.1.2

oracle/mysql 5.1.3

... and 38 more

Published Jan 11, 2011

Tracked Since Feb 18, 2026