Vulnerability Name:
CVE-2010-3680 (CCN-64686)
Assigned:
2010-07-09
Published:
2010-07-09
Updated:
2019-12-17
Summary:
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
CVSS v3 Severity:
3.5 Low
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
Required
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
None
Availibility (A):
Low
CVSS v2 Severity:
4.0 Medium
(CVSS v2 Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
)
3.5 Low
(Temporal CVSS v2 Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
None
Availibility (A):
Partial
4.0 Medium
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
)
3.5 Low
(CCN Temporal CVSS v2 Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
None
Availibility (A):
Partial
5.0 Medium
(REDHAT CVSS v2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
)
4.3 Medium
(REDHAT Temporal CVSS v2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P/E:H/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
None
Availibility (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Denial of Service
References:
Source: CONFIRM
Type: UNKNOWN
http://bugs.mysql.com/bug.php?id=54044
Source: MITRE
Type: CNA
CVE-2010-3680
Source: CCN
Type: MySQL Web site
D.1.7. Changes in MySQL 5.1.49 (09 July 2010)
Source: CONFIRM
Type: UNKNOWN
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Source: CCN
Type: RHSA-2010-0825
Moderate: mysql security update
Source: CCN
Type: RHSA-2011-0164
Moderate: mysql security update
Source: SECUNIA
Type: Vendor Advisory
42875
Source: SECUNIA
Type: Vendor Advisory
42936
Source: DEBIAN
Type: UNKNOWN
DSA-2143
Source: DEBIAN
Type: DSA-2143
mysql-dfsg-5.0 -- several vulnerabilities
Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:155
Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:222
Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:012
Source: MLIST
Type: Exploit
[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws
Source: CCN
Type: OSVDB ID: 67381
MySQL InnoDB Temporary Table Handling DoS
Source: REDHAT
Type: UNKNOWN
RHSA-2010:0825
Source: REDHAT
Type: UNKNOWN
RHSA-2011:0164
Source: BID
Type: UNKNOWN
42598
Source: CCN
Type: BID-42598
Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
Source: TURBO
Type: UNKNOWN
TLSA-2011-3
Source: UBUNTU
Type: UNKNOWN
USN-1017-1
Source: UBUNTU
Type: UNKNOWN
USN-1397-1
Source: VUPEN
Type: Vendor Advisory
ADV-2011-0105
Source: VUPEN
Type: Vendor Advisory
ADV-2011-0133
Source: VUPEN
Type: Vendor Advisory
ADV-2011-0170
Source: VUPEN
Type: Vendor Advisory
ADV-2011-0345
Source: CONFIRM
Type: Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=628192
Source: XF
Type: UNKNOWN
mysql-innodb-dos(64686)
Source: XF
Type: UNKNOWN
mysql-innodb-dos(64686)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.31:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.32:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.34:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.37:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.43:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.46:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.47:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.48:*:*:*:*:*:*:*
Configuration RedHat 1
:
cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration RedHat 2
:
cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
Configuration RedHat 3
:
cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
Configuration RedHat 4
:
cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*
Configuration RedHat 5
:
cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
Configuration RedHat 6
:
cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*
Configuration RedHat 7
:
cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*
Configuration RedHat 8
:
cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
Configuration RedHat 9
:
cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
OR
cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.32:bzr:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:bk:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
OR
cpe:/a:mysql:mysql:5.1.5a:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.37:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.34:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.32:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.31:-:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.47:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.48:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.43:sp1:*:*:*:*:*:*
OR
cpe:/a:oracle:mysql:5.1.46:sp1:*:*:*:*:*:*
AND
cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.opensuse.security:def:20103680
V
CVE-2010-3680
2015-11-16
oval:org.mitre.oval:def:12161
P
DSA-2143-1 mysql-dfsg-5.0 -- several vulnerabilities
2014-07-21
oval:org.mitre.oval:def:14934
P
USN-1397-1 -- MySQL vulnerabilities
2014-06-30
oval:org.mitre.oval:def:13602
P
USN-1017-1 -- mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities
2014-06-30
oval:org.mitre.oval:def:22961
P
ELSA-2011:0164: mysql security update (Moderate)
2014-05-26
oval:org.mitre.oval:def:23210
P
ELSA-2010:0825: mysql security update (Moderate)
2014-05-26
oval:org.mitre.oval:def:21911
P
RHSA-2011:0164: mysql security update (Moderate)
2014-02-24
oval:org.mitre.oval:def:22337
P
RHSA-2010:0825: mysql security update (Moderate)
2014-02-24
oval:com.redhat.rhsa:def:20110164
P
RHSA-2011:0164: mysql security update (Moderate)
2011-01-18
oval:com.redhat.rhsa:def:20100825
P
RHSA-2010:0825: mysql security update (Moderate)
2010-11-03
BACK
mysql
mysql 5.1.5
mysql
mysql 5.1.23
mysql
mysql 5.1.31
mysql
mysql 5.1.32
mysql
mysql 5.1.34
mysql
mysql 5.1.37
oracle
mysql 5.1
oracle
mysql 5.1.1
oracle
mysql 5.1.2
oracle
mysql 5.1.3
oracle
mysql 5.1.4
oracle
mysql 5.1.6
oracle
mysql 5.1.7
oracle
mysql 5.1.8
oracle
mysql 5.1.9
oracle
mysql 5.1.10
oracle
mysql 5.1.11
oracle
mysql 5.1.12
oracle
mysql 5.1.13
oracle
mysql 5.1.14
oracle
mysql 5.1.15
oracle
mysql 5.1.16
oracle
mysql 5.1.17
oracle
mysql 5.1.18
oracle
mysql 5.1.19
oracle
mysql 5.1.20
oracle
mysql 5.1.21
oracle
mysql 5.1.22
oracle
mysql 5.1.23 a
oracle
mysql 5.1.24
oracle
mysql 5.1.25
oracle
mysql 5.1.26
oracle
mysql 5.1.27
oracle
mysql 5.1.28
oracle
mysql 5.1.29
oracle
mysql 5.1.30
oracle
mysql 5.1.31 sp1
oracle
mysql 5.1.33
oracle
mysql 5.1.34 sp1
oracle
mysql 5.1.35
oracle
mysql 5.1.36
oracle
mysql 5.1.37 sp1
oracle
mysql 5.1.38
oracle
mysql 5.1.39
oracle
mysql 5.1.40
oracle
mysql 5.1.40 sp1
oracle
mysql 5.1.41
oracle
mysql 5.1.42
oracle
mysql 5.1.43
oracle
mysql 5.1.43 sp1
oracle
mysql 5.1.44
oracle
mysql 5.1.45
oracle
mysql 5.1.46
oracle
mysql 5.1.46 sp1
oracle
mysql 5.1.47
oracle
mysql 5.1.48
mysql
mysql 5.1.1
mysql
mysql 5.1.10
mysql
mysql 5.1.11
mysql
mysql 5.1.12
mysql
mysql 5.1.13
mysql
mysql 5.1.14
mysql
mysql 5.1.15
mysql
mysql 5.1.16
mysql
mysql 5.1.17
mysql
mysql 5.1.2
mysql
mysql 5.1.23
mysql
mysql 5.1.3
mysql
mysql 5.1.4
mysql
mysql 5.1.5
mysql
mysql 5.1.6
mysql
mysql 5.1.7
mysql
mysql 5.1.8
mysql
mysql 5.1.9
mysql
mysql 5.1
mysql
mysql 5.1.30
mysql
mysql 5.1.32-bzr
mysql
mysql 5.1.23_bk
mysql
mysql 5.1.21
mysql
mysql 5.1.22
mysql
mysql 5.1.23a
mysql
mysql 5.1.5a
mysql
mysql 5.1.18
mysql
mysql 5.1.19
mysql
mysql 5.1.20
mysql
mysql 5.1.45
mysql
mysql 5.1.44
mysql
mysql 5.1.43
mysql
mysql 5.1.42
mysql
mysql 5.1.41
mysql
mysql 5.1.40
mysql
mysql 5.1.39
mysql
mysql 5.1.38
mysql
mysql 5.1.37
mysql
mysql 5.1.36
mysql
mysql 5.1.35
mysql
mysql 5.1.34
mysql
mysql 5.1.33
mysql
mysql 5.1.32
mysql
mysql 5.1.31
mysql
mysql 5.1.46
mysql
mysql 5.1.47
mysql
mysql 5.1.48
mysql
mysql 5.1.23 a
mysql
mysql 5.1.24
mysql
mysql 5.1.25
mysql
mysql 5.1.26
mysql
mysql 5.1.27
mysql
mysql 5.1.28
mysql
mysql 5.1.29
mysql
mysql 5.1.31 sp1
mysql
mysql 5.1.34 sp1
mysql
mysql 5.1.37 sp1
mysql
mysql 5.1.40 sp1
mysql
mysql 5.1.43 sp1
mysql
mysql 5.1.46 sp1
redhat
enterprise linux 5
redhat
enterprise linux 5
redhat
enterprise linux 5
redhat
enterprise linux 6
redhat
enterprise linux 6
redhat
enterprise linux desktop 6
redhat
enterprise linux hpc node 6