Back to search
CVE-2009-0819
Published: Mar 5, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html
x_refsource_CONFIRM
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html
x_refsource_CONFIRM
mysql-xpath-dos(49050)
vdb-entry
x_refsource_XF
34115
third-party-advisory
x_refsource_SECUNIA
ADV-2009-0594
vdb-entry
x_refsource_VUPEN
http://bugs.mysql.com/bug.php?id=42495
x_refsource_CONFIRM
33972
vdb-entry
x_refsource_BID
1021786
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:7544
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now