Description
MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)
ownCloud Uncontrolled Resource Consumption Vulnerability (CVE-2017-5867)
WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)
WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)