CVE-2010-3678
Last modified
CVE-2010-3678 is a vulnerability of currently unknown severity. Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.. EPSS estimates a 12.23% chance of exploitation in the next 30 days.
Description
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Mysql | Mysql | 5.1.5 | — |
| Mysql | Mysql | 5.1.23 | — |
| Mysql | Mysql | 5.1.31 | — |
| Mysql | Mysql | 5.1.32 | — |
| Mysql | Mysql | 5.1.34 | — |
| Mysql | Mysql | 5.1.37 | — |
| Oracle | Mysql | 5.1 | — |
| Oracle | Mysql | 5.1.1 | — |
| Oracle | Mysql | 5.1.2 | — |
| Oracle | Mysql | 5.1.3 | — |
| Oracle | Mysql | 5.1.4 | — |
| Oracle | Mysql | 5.1.6 | — |
| Oracle | Mysql | 5.1.7 | — |
| Oracle | Mysql | 5.1.8 | — |
| Oracle | Mysql | 5.1.9 | — |
| Oracle | Mysql | 5.1.10 | — |
| Oracle | Mysql | 5.1.11 | — |
| Oracle | Mysql | 5.1.12 | — |
| Oracle | Mysql | 5.1.13 | — |
| Oracle | Mysql | 5.1.14 | — |
| Oracle | Mysql | 5.1.15 | — |
| Oracle | Mysql | 5.1.16 | — |
| Oracle | Mysql | 5.1.17 | — |
| Oracle | Mysql | 5.1.18 | — |
| Oracle | Mysql | 5.1.19 | — |
| Oracle | Mysql | 5.1.20 | — |
| Oracle | Mysql | 5.1.21 | — |
| Oracle | Mysql | 5.1.22 | — |
| Oracle | Mysql | 5.1.23 | A |
| Oracle | Mysql | 5.1.24 | — |
| Oracle | Mysql | 5.1.25 | — |
| Oracle | Mysql | 5.1.26 | — |
| Oracle | Mysql | 5.1.27 | — |
| Oracle | Mysql | 5.1.28 | — |
| Oracle | Mysql | 5.1.29 | — |
| Oracle | Mysql | 5.1.30 | — |
| Oracle | Mysql | 5.1.31 | Sp1 |
| Oracle | Mysql | 5.1.33 | — |
| Oracle | Mysql | 5.1.34 | Sp1 |
| Oracle | Mysql | 5.1.35 | — |
| Oracle | Mysql | 5.1.36 | — |
| Oracle | Mysql | 5.1.37 | Sp1 |
| Oracle | Mysql | 5.1.38 | — |
| Oracle | Mysql | 5.1.39 | — |
| Oracle | Mysql | 5.1.40 | — |
| Oracle | Mysql | 5.1.41 | — |
| Oracle | Mysql | 5.1.42 | — |
| Oracle | Mysql | 5.1.43 | — |
| Oracle | Mysql | 5.1.44 | — |
| Oracle | Mysql | 5.1.45 | — |
Showing 50 of 53 affected configurations. See NVD for the full list.
References
- http://bugs.mysql.com/bug.php?id=54477Exploit, Patch
- http://secunia.com/advisories/42936Vendor Advisory
- http://www.openwall.com/lists/oss-security/2010/09/28/10Exploit, Patch
- http://www.vupen.com/english/advisories/2011/0133Vendor Advisory
- http://www.vupen.com/english/advisories/2011/0170Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=628172Exploit, Patch
- http://bugs.mysql.com/bug.php?id=54477Exploit, Patch
- http://secunia.com/advisories/42936Vendor Advisory
- http://www.openwall.com/lists/oss-security/2010/09/28/10Exploit, Patch
- http://www.vupen.com/english/advisories/2011/0133Vendor Advisory
- http://www.vupen.com/english/advisories/2011/0170Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=628172Exploit, Patch
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-3678?
How severe is CVE-2010-3678?
How do I fix CVE-2010-3678?
Are you affected by CVE-2010-3678?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST