Description

MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.

Remediation

References

CVE-2008-3963

Related Vulnerabilities

WordPress Plugin Simple Link Directory PHP Object Injection (5.5.0)

WordPress Plugin SendPress Newsletters Unspecified Vulnerability (1.7.6.11)

Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)

WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)

Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660)

Severity

Medium

Classification

CVE-2008-3963 CWE-134

Tags

Missing Update Known Vulnerabilities