CVE-2010-3835

Name of the Vulnerable Software and Affected Versions MySQL versions 5.1 before 5.1.51 MySQL versions 5.5 before 5.5.6

Description The issue allows remote authenticated users to cause a denial of service, resulting in a mysqld server crash. This is achieved by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY. The expression value is then used after the table is created, causing the expression to be re-evaluated instead of accessing its value from the table.

Recommendations For MySQL versions 5.1 before 5.1.51, update to version 5.1.51 or later. For MySQL versions 5.5 before 5.5.6, update to version 5.5.6 or later.