Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1861

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-1861
Last Modified 13 Jan 2014 11:24:25
Published 28 Mar 2013 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-1861

Summary

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 5

  • Redhat Enterprise Linux 6

Application

  • Mariadb 5.1.41

  • Mariadb 5.1.42

  • Mariadb 5.1.44

  • Mariadb 5.1.47

  • Mariadb 5.1.49

  • Mariadb 5.1.50

  • Mariadb 5.1.51

  • Mariadb 5.1.53

  • Mariadb 5.1.55

  • Mariadb 5.1.60

  • Mariadb 5.1.61

  • Mariadb 5.1.62

  • Mariadb 5.1.66

  • Mariadb 5.1.67

  • Mariadb 5.2.0

  • Mariadb 5.2.1

  • Mariadb 5.2.10

  • Mariadb 5.2.11

  • Mariadb 5.2.12

  • Mariadb 5.2.13

  • Mariadb 5.2.14

  • Mariadb 5.2.2

  • Mariadb 5.2.3

  • Mariadb 5.2.4

  • Mariadb 5.2.5

  • Mariadb 5.2.6

  • Mariadb 5.2.7

  • Mariadb 5.2.8

  • Mariadb 5.2.9

  • Mariadb 5.3.0

  • Mariadb 5.3.1

  • Mariadb 5.3.10

  • Mariadb 5.3.11

  • Mariadb 5.3.12

  • Mariadb 5.3.2

  • Mariadb 5.3.3

  • Mariadb 5.3.4

  • Mariadb 5.3.5

  • Mariadb 5.3.6

  • Mariadb 5.3.7

  • Mariadb 5.3.8

  • Mariadb 5.3.9

  • Mariadb 5.5.20

  • Mariadb 5.5.21

  • Mariadb 5.5.22

  • Mariadb 5.5.23

  • Mariadb 5.5.24

  • Mariadb 5.5.25

  • Mariadb 5.5.27

  • Mariadb 5.5.28

  • Mariadb 5.5.29


References

CONFIRM - https://mariadb.atlassian.net/browse/MDEV-4252

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=919247

XF - mysql-mariadb-cve20131861-dos(82895)

BID - 58511

OSVDB - 91415

SECUNIA - 52639

MLIST - [oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld

MLIST - [Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

UBUNTU - USN-1909-1

SECUNIA - 54300

SUSE - SUSE-SU-2013:1390

SUSE - openSUSE-SU-2013:1410

SUSE - openSUSE-SU-2013:1335

SUSE - SUSE-SU-2013:1529

DEBIAN - DSA-2818


Last Updated: 27 May 2016 11:02:10