CVE-2001-1225

Current Description

Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.

Basic Data

PublishedDecember 26, 2001
Last ModifiedSeptember 05, 2008
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationHughesMsql2.0.10*******
    2.3ApplicationHughesMsql2.0.11*******
    2.3ApplicationHughesMsql2.0.12*******

Vulnerable Software List

VendorProductVersions
Hughes Msql 2.0.10, 2.0.11, 2.0.12

References

NameSourceURLTags
msql-char-array-dos(7746)http://www.iss.net/security_center/static/7746.phpXFVendor Advisory
20011226 msql DoShttp://www.securityfocus.com/archive/1/247222BUGTRAQVendor Advisory
3742http://www.securityfocus.com/bid/3742BIDVendor Advisory