Main Vulnerability Database Exploits ID:4445 - Exploit for NULL pointer dereference in mysql - CVE-2010-3682

ID:4445 - Exploit for NULL pointer dereference in mysql - CVE-2010-3682

Published: August 11, 2020

Vulnerability identifier: #VU45468

Vulnerability risk: Low

CVE-ID: CVE-2010-3682

CWE-ID: CWE-476

Exploitation vector: Remote access

Vulnerable software:
mysql

Link to public exploit:

https://www.exploit-db.com/exploits/34506/

Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in with crafted "SELECT .. UNION .. ORDER BY (SELECT .. WHERE ..)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Per: http://cwe.mitre.org/data/definitions/476. A remote attacker can perform a denial of service (DoS) attack.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:4445 - Exploit for NULL pointer dereference in mysql - CVE-2010-3682

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human