PT-2013-3439

Alyssa Milburn

Published: 2013-03-28
Updated: 2022-08-04

CVE-2013-1861

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

MariaDB versions 5.1.x through 5.1.67
MariaDB versions 5.2.x through 5.2.14
MariaDB versions 5.3.x through 5.3.12
MariaDB versions 5.5.x through 5.5.29
Oracle MySQL versions 5.1.x through 5.1.69
Oracle MySQL versions 5.5.x through 5.5.31
Oracle MySQL versions 5.6.x through 5.6.11

Description

The issue allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points. This is due to a numeric calculation error when processing the binary representation of this feature.

Recommendations

For MariaDB versions 5.1.x through 5.1.67, update to version 5.1.68 or later.
For MariaDB versions 5.2.x through 5.2.14, update to version 5.2.15 or later.
For MariaDB versions 5.3.x through 5.3.12, update to version 5.3.13 or later.
For MariaDB versions 5.5.x through 5.5.29, update to version 5.5.30 or later.
For Oracle MySQL versions 5.1.x through 5.1.69, update to a version later than 5.1.69.
For Oracle MySQL versions 5.5.x through 5.5.31, update to a version later than 5.5.31.
For Oracle MySQL versions 5.6.x through 5.6.11, update to a version later than 5.6.11.

Exploit

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2013-1861
DSA-2780-1
DSA-2818-1
SUSE-SU-2013_1390-1

Affected Products

Mariadb
Mariadb Server
Mysql Server
Suse