|
|
Log in / Subscribe / Register

mysql: multiple vulnerabilities

Package(s):mysql CVE #(s):CVE-2013-1861 CVE-2013-3802 CVE-2013-3804
Created:July 23, 2013 Updated:September 9, 2013
Description: From the CVE entries:

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error (CVE-2013-1861).

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search (CVE-2013-3802).

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer (CVE-2013-3804).

Alerts:
Gentoo 201409-04 mysql 2014-09-04
Debian DSA-2818-1 mysql-5.5 2013-12-16
SUSE SUSE-SU-2013:1529-1 mysql, mysql-client 2013-10-07
openSUSE openSUSE-SU-2013:1335-1 mariadb, mysql-community-server 2013-08-14
Ubuntu USN-1909-1 mysql-5.5, mysql-dfsg-5.1 2013-07-25
Mandriva MDVSA-2013:197 mysql 2013-07-23
SUSE SUSE-SU-2013:1390-1 MySQL 2013-08-30
openSUSE openSUSE-SU-2013:1410-1 mysql-community-server 2013-09-08
Gentoo 201308-06 mysql 2013-08-29
Gentoo GLSA 201308-06:02 mysql 2013-08-30
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds