CVE-2007-1420

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.

Published: Mar 12, 2007
Updated: Nov 9, 2025
CVE: CVE-2007-1420
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mysql / mysql	5.0.5	5.0.5.x
mysql / mysql	5.0.10	5.0.10.x
mysql / mysql	5.0.0	5.0.0.x
mysql / mysql	5.0.15	5.0.15.x
mysql / mysql	5.0.17	5.0.17.x
mysql / mysql	5.0.3	5.0.3.x
mysql / mysql	-	5.0.33.x
mysql / mysql	5.0.24	5.0.24.x
mysql / mysql	5.0.2	5.0.2.x
mysql / mysql	5.0.30	5.0.30.x
mysql / mysql	5.0.20	5.0.20.x
mysql / mysql	5.0.1	5.0.1.x
mysql / mysql	5.0.4	5.0.4.x
mysql / mysql	5.0.16	5.0.16.x
oracle / mysql	5.0.6	5.0.6.x
oracle / mysql	5.0.32	5.0.32.x
oracle / mysql	5.0.41	5.0.41.x
oracle / mysql	5.0.7	5.0.7.x

Vulnerability Database

300,445

CVE-2007-1420

Deep Security Visibility Without the Complexity