DB: Oracle MySQL Server Geometry Query Integer Overflow
This signature detects attempts to exploit a known vulnerability against MySQL database server. A successful attack can lead to arbitrary code execution.
Extended Description
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
Affected Products
Opensuse opensuse
Short Name
DB:MYSQL:GEOMETRY-INT-OVF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2013-1861 Geometry Integer MySQL Oracle Overflow Query Server bid:58511
Release Date
03/27/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Suse
Redhat
Opensuse
Oracle
Mariadb
Debian
Canonical
CVSS Score
5.0