Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL用户变量分配拒绝服务漏洞
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL 5.1.51之前的5.1版本,以及5.5.6之前的5.5版本中存在漏洞。远程认证用户可以通过执行逻辑表达式中的用户变量赋值导致拒绝服务攻击,对逻辑表进行GROUP BY计算并存储在临时表中,并引起表达式值在表被创建后被使用,该行为导致了表达式值被重计算,而不是从表格中访问它的值。
CVSS Information
N/A
Vulnerability Type
N/A