Description
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
Remediation
References
Related Vulnerabilities
Squid Improper Encoding or Escaping of Output Vulnerability (CVE-2021-28662)
Oracle Database Server CVE-2024-20903 Vulnerability (CVE-2024-20903)
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22724)
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)