Lucene search

[email protected]NVD:CVE-2016-0546

HistoryJan 21, 2016 - 3:01 a.m.

CVE-2016-0546

2016-01-2103:01:33

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

5.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.1%

JSON

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

Affected configurations

NVD

Node

canonicalubuntu_linuxMatch12.04lts

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch15.04

canonicalubuntu_linuxMatch15.10

Node

mariadbmariadbRange5.5.20–5.5.47

mariadbmariadbRange10.0.0–10.0.23

mariadbmariadbRange10.1.0–10.1.10

Node

redhatenterprise_linuxMatch6.0

redhatenterprise_linuxMatch7.0

Node

oraclemysqlRange5.5.0–5.5.46

oraclemysqlRange5.6.0–5.6.27

oraclemysqlRange5.7.0–5.7.9

Node

oraclesolarisMatch11.3

Node

oraclelinuxMatch7

Node

opensuseleapMatch42.1

opensuseopensuseMatch13.2

Node

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_hpc_nodeMatch7.0

redhatenterprise_linux_hpc_node_eusMatch7.2

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.2

redhatenterprise_linux_server_eusMatch7.2

redhatenterprise_linux_workstationMatch7.0

Node

debiandebian_linuxMatch8.0

References

lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html

lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

rhn.redhat.com/errata/RHSA-2016-0534.html

rhn.redhat.com/errata/RHSA-2016-0705.html

rhn.redhat.com/errata/RHSA-2016-1480.html

rhn.redhat.com/errata/RHSA-2016-1481.html

www.debian.org/security/2016/dsa-3453

www.debian.org/security/2016/dsa-3459

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/81066

www.securitytracker.com/id/1034708

www.ubuntu.com/usn/USN-2881-1

access.redhat.com/errata/RHSA-2016:1132

bugzilla.redhat.com/show_bug.cgi?id=1301493

dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html

dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html

github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f

mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/

mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/

mariadb.com/kb/en/mdb-10023-rn/

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

5.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.1%

JSON

Related for NVD:CVE-2016-0546

mariadbunix1 cve1 cvelist1 prion1 ubuntucve1 veracode1 nessus37 openvas26 debian5 kaspersky1 f51 ibm1 ubuntu1 suse6 oraclelinux1 redhat6 centos1 amazon2 fedora4 oracle1