CVE-2007-2583 - CVE Reference - Advisories

CVE Reference: CVE-2007-2583

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2583

Description: The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

CVE Status: Candidate

References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 TRUSTIX http://www.trustix.org/errata/2007/0017/ SUSE http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html SAID Secunia Advisory: SA25196 Secunia Advisory: SA25188 Secunia Advisory: SA25255 Secunia Advisory: SA25389 Secunia Advisory: SA25946 Secunia Advisory: SA27155 Secunia Advisory: SA27823 Secunia Advisory: SA28838 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 GENTOO http://security.gentoo.org/glsa/glsa-200705-11.xml DEBIAN http://www.debian.org/security/2007/dsa-1413 CONFIRM http://lists.mysql.com/commits/23685 http://bugs.mysql.com/bug.php?id=27513 BID 23911

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	OpenBSD BIND Query Port DNS Cache Poisoning

3.	Apple Safari Cross-Domain Cookie Injection Vulnerability

4.	Drupal Session Fixation Vulnerability

5.	Red Hat update for thunderbird

6.	Debian update for clamav

7.	Red Hat update for kernel

8.	Slackware update for dnsmasq

9.	Ubuntu update for php

10.	IPCop update for perl