CVE-2010-3840
Summary
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
- LOW
- NETWORK
- SINGLE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published