Your submission was sent successfully! Close

CVE-2006-7232

Published: 31 December 2006

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Notes

AuthorNote
jdstrand
DoS, but escalated to medium for customer
Priority

Medium

Status

Package Release Status
mysql-dfsg-5.0
Launchpad, Ubuntu, Debian
dapper
Released (5.0.22-0ubuntu6.06.8)
edgy
Released (5.0.24a-9ubuntu2.4)
feisty Not vulnerable

gutsy Not vulnerable

upstream
Released (5.0.32)