CVE-2010-3677 — Mysql vulnerability

CWE-3998 documents6 sources

Severity

4.0MEDIUMNVD

EPSS

0.9%

top 23.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedJan 11

Latest updateMay 13

Description

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/mysql83 versions+82

▶NVDmysql/mysql5.1.48+27

🔴Vulnerability Details

GHSA

GHSA-hc26-j7hx-87x5: Oracle MySQL 5↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

Mozilla Suite/Firefox - Navigator Object Code Execution (Metasploit)↗2010-09-20

▶

📋Vendor Advisories

Ubuntu

MySQL vulnerabilities↗2012-03-12

▶

Ubuntu

MySQL vulnerabilities↗2010-11-11

▶

Red Hat

MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)↗2010-07-09

▶

💬Community

Bugzilla

CVE-2010-3676 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683 mysql various flaws [fedora-all]↗2010-09-23

▶

Bugzilla

CVE-2010-3677 MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)↗2010-08-27

▶