Security Bulletin: vulnerabilities in OpenSource Oracle MySQL Server affect IBM Security Guardium

Summary

An unspecified vulnerability in Oracle MySQL Server related to the Server could allow a remote attacker to cause a denial of service

Vulnerability Details

CVEID: CVE-2015-2582**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : GIS component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104760&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2617**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Partition component has partial confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104757&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVEID: CVE-2015-2611**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : DML component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104759&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2639**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component has no confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104770&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

CVEID: CVE-2015-2641**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Privileges component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104772&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2643**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Optimizer component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104763&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2648**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : DML component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104758&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2661**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Client component could allow a local attacker to cause a denial of service.
CVSS Base Score: 2.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104773&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2015-4752**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : I_S component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104761&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4761**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Memcached component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104765&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4767**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 1.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104774&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:M/C:N/I:N/A:P)

CVEID: CVE-2015-4769**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104769&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4772**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : Partition component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104764&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4771**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server : RBR component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104768&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

9x, 10

Remediation/Fixes

Product

| VRMF| APAR| Remediation/First Fix
—|—|—|—
IBM Security Guardium| _9x _| _PSIRT 60962 _ | http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6015_SecurityUpdate&includeSupersedes=0&source=fc IBM Security Guardium| 10| _PSIRT 60962 _| http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6015_SecurityUpdate&includeSupersedes=0&source=fc