Professional OVAL Repository

[Eng] [Rus] [Sign-In]

oval:org.mitre.oval:def:9930

Version

Class

vulnerability

ALTXid

1661

Language

English

Severity

NotAvailable

Title

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

Description

Family

unix

Platform

OVAL Repository

Status: ACCEPTED
Status: ACCEPTED
- 2010-07-09T03:56:16-04:00 : submitted
  - SCAP.com, LLC Aharon Chernin
- 2010-07-28T14:22:12.276-04:00 : status_change DRAFT
- 2010-08-16T04:15:01.198-04:00 : status_change INTERIM
- 2010-09-06T04:16:09.223-04:00 : status_change ACCEPTED
- 2013-04-10T17:47:00.450-04:00 : modified EDITED oval:org.mitre.oval:def:9930 - Expanded the vulnerability checks for RHEL 3, 4, and 5 to cover CentOS 3, 4, 5 and Oracle Linux 4 and 5
  - G2, Inc. Dragos Prisaca
- 2013-04-10T17:49:28.902-04:00 : status_change INTERIM
- 2013-04-29T04:23:24.805-04:00 : status_change ACCEPTED

Reference

CVE: CVE-2007-2583

Criteria

Expand All

Collapse All

AND

OR	RHEL5, CentOS5 or Oracle Linux 5

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:11414) The operating system installed on the system is Red Hat Enterprise Linux 5

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:15802) The operating system installed on the system is CentOS Linux 5.x

EXTENDED DEFINITION (ID = oval:org.mitre.oval:def:15459) Oracle Linux 5.x

OR Configuration section
- CRITERION mysql is earlier than 0:5.0.45-7.el5
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36197) check=at least one, check_existence=at_least_one_exists, comment=mysql is earlier than 0:5.0.45-7.el5, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14355)
      name mysql
    - rpminfo_state (ID = oval:org.mitre.oval:ste:10852)
      evr datatype=evr_string | operation=less than | value=0:5.0.45-7.el5
- CRITERION mysql-devel is earlier than 0:5.0.45-7.el5
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36749) check=at least one, check_existence=at_least_one_exists, comment=mysql-devel is earlier than 0:5.0.45-7.el5, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14481)
      name mysql-devel
    - rpminfo_state (ID = oval:org.mitre.oval:ste:10852)
      evr datatype=evr_string | operation=less than | value=0:5.0.45-7.el5
- CRITERION mysql-test is earlier than 0:5.0.45-7.el5
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36750) check=at least one, check_existence=at_least_one_exists, comment=mysql-test is earlier than 0:5.0.45-7.el5, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14941)
      name mysql-test
    - rpminfo_state (ID = oval:org.mitre.oval:ste:10852)
      evr datatype=evr_string | operation=less than | value=0:5.0.45-7.el5
- CRITERION mysql-bench is earlier than 0:5.0.45-7.el5
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36831) check=at least one, check_existence=at_least_one_exists, comment=mysql-bench is earlier than 0:5.0.45-7.el5, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14400)
      name mysql-bench
    - rpminfo_state (ID = oval:org.mitre.oval:ste:10852)
      evr datatype=evr_string | operation=less than | value=0:5.0.45-7.el5
- CRITERION mysql-server is earlier than 0:5.0.45-7.el5
  - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36646) check=at least one, check_existence=at_least_one_exists, comment=mysql-server is earlier than 0:5.0.45-7.el5, version=2
    - rpminfo_object (ID = oval:org.mitre.oval:obj:14342)
      name mysql-server
    - rpminfo_state (ID = oval:org.mitre.oval:ste:10852)
      evr datatype=evr_string | operation=less than | value=0:5.0.45-7.el5


	2008-2021, © AO ALTEX-SOFT , ovaldb@altx-soft.com OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.

Access vector:	PARTIAL
Access complexity:	LOW
Authentication:	SINGLE
Confidentiality impact:	NONE
Integrity impact:	NONE
Availability impact:	PARTIAL