PublicDate: 2007-05-10 00:19:00 UTC
Candidate: CVE-2007-2583
References: 
 http://lists.mysql.com/commits/23704
 https://ubuntu.com/security/notices/USN-528-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583
Description:
 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and
 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a
 denial of service (crash) via a crafted IF clause that results in a
 divide-by-zero error and a NULL pointer dereference.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: jdstrand
CVSS: 
dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.5)
edgy_mysql-dfsg-5.0: released (5.0.24a-9ubuntu2.1)
feisty_mysql-dfsg-5.0: released (5.0.38-0ubuntu1.1)
devel_mysql-dfsg-5.0: released (5.0.45-1ubuntu2)
upstream_mysql-dfsg-5.0: released (5.0.40)