CVE 2009-4019
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
Related bugs and status
CVE-2009-4019 (Candidate) is related to these bugs:
Bug #323755: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
Bug #937869: MySQL security update tracking bug
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu Maverick) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu Natty) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu Oneiric) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu Maverick) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu Natty) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu Oneiric) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu Lucid) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu Lucid) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu Lucid) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu Maverick) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu Natty) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu Oneiric) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-5.1 (Ubuntu Hardy) | Undecided | Invalid | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.0 (Ubuntu Hardy) | Undecided | Fix Released | ||
937869 | MySQL security update tracking bug | mysql-dfsg-5.1 (Ubuntu Hardy) | Undecided | Invalid |
See the
CVE page on Mitre.org
for more details.