CVE-2009-4019

N/A Unknown
Published: November 30, 2009 Modified: April 23, 2026

Description

mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.


References to Advisories, Solutions, and Tools

http://bugs.mysql.com/47780
Source: secalert@redhat.com
http://bugs.mysql.com/48291
Source: secalert@redhat.com
http://secunia.com/advisories/37717
Source: secalert@redhat.com
http://secunia.com/advisories/38517
Source: secalert@redhat.com
http://secunia.com/advisories/38573
Source: secalert@redhat.com
http://support.apple.com/kb/HT4077
Source: secalert@redhat.com
http://ubuntu.com/usn/usn-897-1
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-1397-1
Source: secalert@redhat.com
http://bugs.mysql.com/47780
Source: af854a3a-2127-422b-91ae-364da2661108
http://bugs.mysql.com/48291
Source: af854a3a-2127-422b-91ae-364da2661108
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=oss-security&m=125881733826437&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=oss-security&m=125883754215621&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=oss-security&m=125901161824278&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/37717
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38517
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38573
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT4077
Source: af854a3a-2127-422b-91ae-364da2661108
http://ubuntu.com/usn/usn-897-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2010/dsa-1997
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2010-0109.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-1397-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2010/1107
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=540906
Source: af854a3a-2127-422b-91ae-364da2661108

44 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.7%
92nd percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

oracle mysql