Description
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
Remediation
References
Related Vulnerabilities
WordPress Plugin JTRT Responsive Tables SQL Injection (4.1)
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
Joomla! Core 3.x.x Cross-Site Scripting (3.1.0 - 3.9.23)
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-33816)