Description

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.

Remediation

References

CVE-2007-1420

Related Vulnerabilities

WordPress Plugin bbPress SQL Injection (2.5.14)

Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2021-21615)

WordPress Plugin Booking Calendar-Clockwork SMS Cross-Site Scripting (1.0.5)

PHP Improper Input Validation Vulnerability (CVE-2007-4887)

Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947)

Severity

Low

Classification

CVE-2007-1420

Tags

Missing Update Known Vulnerabilities