Description

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.

Remediation

References

CVE-2010-3840

Related Vulnerabilities

WordPress Plugin JSON API Open Redirect (1.1.3)

Mailman Other Vulnerability (CVE-2003-0965)

WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3732)

WordPress Plugin VikRentCar Car Rental Management System Cross-Site Request Forgery (1.1.6)

Severity

Medium

Classification

CVE-2010-3840

Tags

Missing Update Known Vulnerabilities