Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL Item_singlerow_subselect::store函数空指针解引用漏洞
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL 5.1.49之前的5.1版本,以及5.0.92之前的5.0版本中的Item_singlerow_subselect::store函数中存在空指针解引用漏洞。远程认证用户可通过使用带有特制“SELECT ... UNION ... ORDER BY(SELECT ... WHERE ...)”声明的EXPLAIN导致拒绝服务(mysqld守护进程崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A