4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
A vulnerability in the MySQL Connectors component of Oracle MySQL
(subcomponent: Connector/J) has been discovered that may result in
unauthorized update, insert or delete access to some MySQL Connectors
accessible data as well as read access to a subset of MySQL Connectors.
The issue is addressed by updating to the latest stable release of
mysql-connector-java since Oracle did not release further information.
Please see Oracle’s Critical Patch Update advisory for further details.
For Debian 7 Wheezy, these problems have been fixed in version
5.1.39-1~deb7u1.
We recommend that you upgrade your mysql-connector-java packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>