CVE-2007-5925

NameCVE-2007-5925
DescriptionThe convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1413-1, DTSA-91-1
NVD severitymedium (attack range: remote)
Debian Bugs451235
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mysql-dfsgsource(unstable)(unfixed)medium
mysql-dfsgsourcesarge4.0.24-10sarge3mediumDSA-1413-1
mysql-dfsg-4.1source(unstable)(unfixed)medium
mysql-dfsg-4.1sourcesarge4.1.11a-4sarge8mediumDSA-1413-1
mysql-dfsg-5.0source(unstable)5.0.45-3medium451235
mysql-dfsg-5.0sourceetch5.0.32-7etch3mediumDSA-1413-1
mysql-dfsg-5.0sourcelenny5.0.45-1+lenny1mediumDTSA-91-1

Search for package or bug name: Reporting problems