Total vulnerabilities in the database
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
| Software | From | Fixed in |
|---|---|---|
| mysql / mysql | 5.1.23 | 5.1.23.x |
| mysql / mysql | 6.0.9 | 6.0.9.x |
| mysql / mysql | - | 5.1.32-bzr.x |
| mysql / mysql | 5.1.31 | 5.1.31.x |
| mysql / mysql | 6.0.10-bzr | 6.0.10-bzr.x |
| oracle / mysql | 6.0.0 | 6.0.0.x |
| oracle / mysql | 6.0.1 | 6.0.1.x |
| oracle / mysql | 6.0.2 | 6.0.2.x |
| oracle / mysql | 6.0.3 | 6.0.3.x |
| oracle / mysql | 6.0.4 | 6.0.4.x |
| oracle / mysql | 5.1 | 5.1.x |
| oracle / mysql | 5.1.1 | 5.1.1.x |
| oracle / mysql | 5.1.2 | 5.1.2.x |
| oracle / mysql | 5.1.3 | 5.1.3.x |
| oracle / mysql | 5.1.10 | 5.1.10.x |
| oracle / mysql | 5.1.11 | 5.1.11.x |
| oracle / mysql | 5.1.12 | 5.1.12.x |
| oracle / mysql | 5.1.13 | 5.1.13.x |
| oracle / mysql | 5.1.14 | 5.1.14.x |
| oracle / mysql | 5.1.15 | 5.1.15.x |
| oracle / mysql | 5.1.16 | 5.1.16.x |
| oracle / mysql | 5.1.17 | 5.1.17.x |
| oracle / mysql | 5.1.18 | 5.1.18.x |
| oracle / mysql | 5.1.19 | 5.1.19.x |
| oracle / mysql | 5.1.20 | 5.1.20.x |
| oracle / mysql | 5.1.21 | 5.1.21.x |
| oracle / mysql | 5.1.22 | 5.1.22.x |
| oracle / mysql | 5.1.24 | 5.1.24.x |
| oracle / mysql | 5.1.25 | 5.1.25.x |
| oracle / mysql | 5.1.26 | 5.1.26.x |
| oracle / mysql | 5.1.27 | 5.1.27.x |
| oracle / mysql | 5.1.28 | 5.1.28.x |
| oracle / mysql | 5.1.29 | 5.1.29.x |
| oracle / mysql | 5.1.30 | 5.1.30.x |
| oracle / mysql | 5.1.23-a | 5.1.23-a.x |
| oracle / mysql | 5.1.31-sp1 | 5.1.31-sp1.x |