CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.4%
Root Privilege Escalation (CVE-2016-6664). Unspecified vulnerability affecting the Optimizer component (CVE-2017-3238). Unspecified vulnerability affecting the Charsets component (CVE-2017-3243). Unspecified vulnerability affecing the DML component (CVE-2017-3244). Unspecified vulnerability affecting InnoDB (CVE-2017-3257). Unspecified vulnerability in the DDL component (CVE-2017-3258). Unsafe chmod/chown use in init script (CVE-2017-3265). Unrestricted mysqld_safe’s ledir (CVE-2017-3291). Insecure error log file handling in mysqld_safe, due to an incomplete fix for CVE-2016-6664 (CVE-2017-3312). Unspecified vulnerability affecting Logging (CVE-2017-3317). Unspecified vulnerability affecting Error Handling (CVE-2017-3318). Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | mariadb | < 10.0.29-1.3 | mariadb-10.0.29-1.3.mga5 |
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.4%