CVE-2006-7232

Name: CVE-2006-7232
Creator: NVD / NIST
Published: 2006-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.97%

Last modified Jun 16, 2026

CVE-2006-7232 is a vulnerability of currently unknown severity. sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.. EPSS estimates a 1.97% chance of exploitation in the next 30 days.

Description

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Metrics

EPSS Probability

1.97%

77.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-89

Affected Software

Vendor	Product	Versions
Mysql	Mysql	>= 5.0, < 5.0.32
Mysql	Mysql	>= 5.1, < 5.1.14
Canonical	Ubuntu Linux	6.06
Canonical	Ubuntu Linux	6.10
Canonical	Ubuntu Linux	7.04
Canonical	Ubuntu Linux	7.10

References

http://bugs.mysql.com/bug.php?id=22413Patch, Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.htmlVendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.htmlVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlThird Party Advisory
http://secunia.com/advisories/29443Third Party Advisory
http://secunia.com/advisories/30351Third Party Advisory
http://secunia.com/advisories/31687Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0364.htmlThird Party Advisory
http://www.securityfocus.com/bid/28351Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-588-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11720Third Party Advisory
http://bugs.mysql.com/bug.php?id=22413Patch, Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.htmlVendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.htmlVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlThird Party Advisory
http://secunia.com/advisories/29443Third Party Advisory
http://secunia.com/advisories/30351Third Party Advisory
http://secunia.com/advisories/31687Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0364.htmlThird Party Advisory
http://www.securityfocus.com/bid/28351Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-588-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11720Third Party Advisory

Timeline

Published: Dec 31, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-7232?

How severe is CVE-2006-7232?

Severity scoring for CVE-2006-7232 is pending analysis. The EPSS model estimates a 1.97% probability of exploitation in the next 30 days.

How do I fix CVE-2006-7232?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-7232?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST