CVE-2013-1861
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/38392unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.askmonty.org/pipermail/commits/2013-March/004371.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.htmlhttp://lists.opensuse.org/opensuse-updates/2013-08/msg00024.htmlhttp://lists.opensuse.org/opensuse-updates/2013-09/msg00008.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=919247http://seclists.org/oss-sec/2013/q1/671http://secunia.com/advisories/52639http://secunia.com/advisories/54300http://security.gentoo.org/glsa/glsa-201409-04.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/82895https://mariadb.atlassian.net/browse/MDEV-4252