Description

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

Remediation

References

CVE-2007-6304

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1570)

WordPress Plugin Product Import Export for WooCommerce Cross-Site Request Forgery (1.7.4)

WordPress Plugin MemberSonic Lite Security Bypass (1.2)

WordPress Plugin Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.7.6)

Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19242)

Severity

Medium

Classification

CVE-2007-6304

Tags

Missing Update Known Vulnerabilities