Description
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced AJAX Page Loader Cross-Site Request Forgery (2.7.7)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)
Apache HTTP Server Other Vulnerability (CVE-1999-1053)
WordPress Plugin Better Click To Tweet Unspecified Vulnerability (5.1)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)