Description

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Remediation

References

CVE-2013-1861

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Points and Rewards Security Bypass (1.3.4)

WordPress Plugin Random image gallery with pretty photo zoom Cross-Site Scripting (7.4)

Roundcube Resource Management Errors Vulnerability (CVE-2011-4078)

MySQL CVE-2024-21051 Vulnerability (CVE-2024-21051)

PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)

Severity

Medium

Classification

CVE-2013-1861 CWE-119

Tags

Missing Update Known Vulnerabilities