|Check Point Reference:||CPAI-2006-081|
|Date Published:||5 Jul 2006|
|Last Updated:||15 May 2007|
|Protection Provided by:|
|Who is Vulnerable?||MySQL versions prior to 4.1.18, 5.0.19, and 5.1.6|
|Vulnerability Description||The MySQL server fails to properly handle unexpected input submitted to the str_to_date function.
This can be triggered by remote attackers to crash affected database servers and deny service to legitimate users.
|Vulnerability Details||Mysqld in several versions of MySQL allows remote users to cause a denial of service via a NULL second argument to the str_to_date function.|