← back
CVE-2010-3676

CVE-2010-3676

EPSS 9.5%
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/34522unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.mysql.com/bug.php?id=55039http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=628660https://exchange.xforce.ibmcloud.com/vulnerabilities/64689http://www.mandriva.com/security/advisories?name=MDVSA-2011:012http://www.openwall.com/lists/oss-security/2010/09/28/10http://www.securityfocus.com/bid/42643http://www.vupen.com/english/advisories/2011/0133