Kaspersky LabKLA10847KLA10847 Multiple vulnerabilities in Oracle MySQL
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.087 Low
EPSS
Percentile
94.4%
Detect date:
07/19/2016
Severity:
High
Description:
An unspecified vulnerabilities were found in Oracle MySQL server. By exploiting these vulnerabilities malicious users can cause denial of service affect integrity or obtain sensitive information. These vulnerabilities can be exploited locally or remotely.
Affected products:
Oracle MySQL server versions earlier than 5.5.50
Oracle MySQL server 5.6 versions earlier than 5.6.31
Oracle MySQL server 5.7 versions earlier than 5.7.13
Solution:
Update to the latest version
MySQL downloads page
Original advisories:
Impacts:
OSI
Related products:
CVE-IDS:
CVE-2016-54414.0Warning
CVE-2016-54424.0Warning
CVE-2016-54431.2Warning
CVE-2016-54444.3Warning
CVE-2016-34866.8High
CVE-2016-35014.0Warning
CVE-2016-35186.8High
CVE-2016-35216.8High
CVE-2016-34244.0Warning
CVE-2016-35884.9Warning
CVE-2016-34404.0Warning
CVE-2016-54374.0Warning
CVE-2016-34524.3Warning
CVE-2016-34594.0Warning
CVE-2016-21055.0Warning
CVE-2016-34716.2High
CVE-2016-36143.5Warning
CVE-2016-36154.3Warning
CVE-2016-54364.0Warning
CVE-2016-34774.1Warning
CVE-2016-54394.0Warning
CVE-2016-54404.0Warning
References
www.mysql.com/downloads/
www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3424
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3501
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3518
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3588
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5444
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-MySQL/
Related
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.087 Low
EPSS
Percentile
94.4%