CVE-2007-1420

Published: Mar 12, 2007Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.

Affected (18)

Products: Mysql: Mysql · Oracle: Mysql

1 product

1 product

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Mysql Mysql	Up to 5.0.33
Mysql Mysql	Version 5.0.0
Mysql Mysql	Version 5.0.10
Mysql Mysql	Version 5.0.15
Mysql Mysql	Version 5.0.16
Mysql Mysql	Version 5.0.17
Mysql Mysql	Version 5.0.1
Mysql Mysql	Version 5.0.20
Mysql Mysql	Version 5.0.24
Mysql Mysql	Version 5.0.2
Mysql Mysql	Version 5.0.30
Mysql Mysql	Version 5.0.3
Mysql Mysql	Version 5.0.4
Mysql Mysql	Version 5.0.5
Oracle Mysql	Version 5.0.32
Oracle Mysql	Version 5.0.41
Oracle Mysql	Version 5.0.6
Oracle Mysql	Version 5.0.7

References (40)

http://bugs.mysql.com/bug.php?id=24630

Source: cve@mitre.org

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/24483

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/24609

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/25196

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/25389

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/25946

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30351

Source: cve@mitre.org

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200705-11.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/2413

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2007:139

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0364.html

Source: cve@mitre.org

Vendor Advisory

http://www.sec-consult.com/284.html

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/462339/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/22900

Source: cve@mitre.org

ExploitPatch

http://www.securitytracker.com/id?1017746

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-440-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0908

Source: cve@mitre.org

Vendor Advisory

https://issues.rpath.com/browse/RPL-1127

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530

Source: cve@mitre.org

http://bugs.mysql.com/bug.php?id=24630

Source: af854a3a-2127-422b-91ae-364da2661108

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24483

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24609

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/25196

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/25389

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/25946

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/30351

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200705-11.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/2413

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2007:139

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0364.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.sec-consult.com/284.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/archive/1/462339/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/22900

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.securitytracker.com/id?1017746

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-440-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0908

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://issues.rpath.com/browse/RPL-1127

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.