CVE-2008-3963 Common Vulnerabilities and Exposures

Upstream information

CVE-2008-3963 at MITRE

Description

MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	4
Vector	AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	Single
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 424795 [RESOLVED / FIXED], 497546 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2008:025, published Fri, 14 Nov 2008 15:00:00 +0000
SUSE-SR:2009:001, published Mon, 12 Jan 2009 13:00:00 +0000

SUSE Timeline for this CVE

CVE page created: Tue Jul 9 16:31:16 2013
CVE page last modified: Fri Dec 8 16:27:57 2023