Skip to main content

CVE-2009-0819

Severity Medium
Score 4/10

Summary

sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.

  • LOW
  • NETWORK
  • SINGLE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published