This is the latest vulnerability. Please install official patches in time.
Vulnerability version:
MySQL AB MySQL
Vulnerability description:
Bugtraq id: 58511
CVE (CAN) ID: CVE-2013-1861
Oracle MySQL Server is a small relational database management system. MariaDB is a MySQL branch version using the Maria storage engine and is a free open-source database server.
When MySQL and MariaDB convert the binary string expression of the original geometry object to a text expression, MySQL's spatial function length check will overflow, resulting in application crash.
<* Reference
Https://bugzilla.redhat.com/show_bug.cgi? Id = 919247
Http://seclists.org/oss-sec/2013/q1/671
*>
Test method:
@ Sebug.net dis
The program (method) provided on this site may be offensive and only used for security research and teaching. You are at your own risk!
& Quot; select astext (0 ×0100000000030000000100000000000010); & quot;
Sebug security suggestions:
Vendor patch:
MySQL AB
--------
The current manufacturer has released a patch to fix this security problem, please download to the vendor's home page: http://www.mysql.com/