MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
No history.
Information
Published : 2013-03-28 23:55
Updated : 2024-02-28 12:00
NVD link : CVE-2013-1861
Mitre link : CVE-2013-1861
CVE.ORG link : CVE-2013-1861
JSON object : View
Products Affected
opensuse
- opensuse
suse
- linux_enterprise_server
- linux_enterprise_desktop
- linux_enterprise_software_development_kit
debian
- debian_linux
mariadb
- mariadb
canonical
- ubuntu_linux
oracle
- mysql
redhat
- enterprise_linux
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer