Intrusion Prevention

Oracle.MySQL.Database.COM_FIELD_LIST.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in MySQL database server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted table name argument in a COM_FIELD_LIST command packet. It allows a remote attacker to execute arbitrary code.

Affected Products

Oracle MySQL 5.1.41 and previous versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to version 5.1.47 or later:
http://www.mysql.com/

CVE References

CVE-2010-1850