Lucene search

Kaspersky LabKLA10638

HistoryJul 17, 2015 - 12:00 a.m.

KLA10638 Multiple vulnerabilities in Oracle MySQL

2015-07-1700:00:00

Kaspersky Lab

threats.kaspersky.com

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.8%

JSON

Detect date:

07/17/2015

Severity:

High

Description:

Unspecified vulnerabilities were found in MySQL Server. Malicious users can exploit these vulnerabilities to affect confidentiality,integrity and availability via unknown vectors related to Partition, DML, GIS and RBR.

Affected products:

Oracle MySQL Server versions 5.5.43 and earlier
Oracle MySQL Server versions 5.6.24 and earlier

Solution:

Update to latest version
Get MySQL

Original advisories:

Oracle Critical Patch Update Advisory

Impacts:

OSI

Related products:

MySQL

CVE-IDS:

CVE-2015-47671.7Warning
CVE-2015-47613.5Warning
CVE-2015-47573.5Warning
CVE-2015-47564.0Warning
CVE-2015-47524.0Warning
CVE-2015-25824.0Warning
CVE-2015-26204.3Warning
CVE-2015-26114.0Warning
CVE-2015-26176.5High
CVE-2015-26484.0Warning
CVE-2015-47724.0Warning
CVE-2015-47713.5Warning
CVE-2015-26434.0Warning
CVE-2015-47693.5Warning
CVE-2015-26393.5Warning
CVE-2015-47373.5Warning
CVE-2015-26413.5Warning

References

www.mysql.com/downloads/

www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2582

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2611

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2617

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2620

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2639

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2641

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2643

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2648

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4737

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4752

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4756

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4757

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4761

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4767

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4769

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4771

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4772

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/MySQL/

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for KLA10638