Check Point Advisories

Update Protection against MySQL COM_FIELD_LIST Packet Buffer Overflow

Check Point Reference: CPAI-2010-140
Date Published: 11 Jun 2010
Severity: High
Last Updated: Friday 01 January, 2010
Source: SecurityTracker Alert ID:  1024033
Industry Reference:CVE-2010-1850
Protection Provided by:
Who is Vulnerable? MySQL prior to 5.1.47
Vulnerability Description A buffer overflow vulnerability was reported in MySQL. The vulnerability is due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code.
Update/Patch AvaliableVendor's advisory
Vulnerability DetailsA remote authenticated user can send a COM_FIELD_LIST command packet with a specially crafted table name argument to trigger a buffer overflow and potentially execute arbitrary code on the target system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK