Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL/MariaDB 输入验证错误漏洞
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL 5.5.19以及其他版本和MariaDB 5.5.28a以及其他版本中存在漏洞。通过带有UpdateXML指令的SELECT命令上传含有大量唯一,嵌套式元素的XML,远程认证攻击者利用该漏洞造成拒绝服务(MySQL崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A