MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
Exploitability
AV:NAC:LAu:NImpact
C:NI:NA:P5/AV:N/AC:L/Au:N/C:N/I:N/A:P