Description

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Remediation

References

CVE-2013-1861

Related Vulnerabilities

WordPress Plugin EnvialoSimple:Email Marketing y Newsletters Multiple Cross-Site Scripting Vulnerabilities (1.97)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2043)

WordPress Plugin Concours Cross-Site Scripting (1.1)

WordPress Plugin BulletProof Security Cross-Site Scripting (.52.4)

WordPress Plugin Social Media Widget Serving Spam (4.0)

Severity

Medium

Classification

CVE-2013-1861 CWE-119

Tags

Missing Update Known Vulnerabilities