Unrated severityNVD Advisory· Published Mar 5, 2009· Updated Jun 16, 2026
CVE-2009-0819
CVE-2009-0819
Description
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*range: <=5.1.32-bzr
- cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:6.0.10-bzr:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:6.0.9:*:*:*:*:*:*:*
- (no CPE)range: <5.1.32, <6.0.10
cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:6.0.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- bugs.mysql.com/bug.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/33972nvdExploit
- dev.mysql.com/doc/refman/5.1/en/news-5-1-32.htmlnvdVendor Advisory
- secunia.com/advisories/34115nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0594nvdVendor Advisory
- dev.mysql.com/doc/refman/6.0/en/news-6-0-10.htmlnvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49050nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7544nvd
News mentions
0No linked articles in our index yet.