Lucene search

K

Veracode Vulnerability DatabaseVERACODE:10718

HistoryJan 15, 2019 - 8:51 a.m.

Buffer Overflow

2019-01-1508:51:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

Oracle MySQL has a stack-based buffer overflow vulnerability. It does not handle checking of user permission in MySQL, allowing an authenticated user to crash the mysqld daemon and subsequently leading to arbitrary code execution with the privileges of the user running the application.

CPENameOperatorVersion
mysqleq5.0.77__4.el5_4.1
mysqleq5.1.61__4.el6
mysqleq5.0.77__4.el5_5.3
mysqleq5.0.77__4.el5_4.2
mysqleq5.0.22__2.2.el5_1.1
mysqleq5.0.77__4.el5_5.5
mysqleq5.0.77__4.el5_6.6
mysqleq5.0.84__2.el5s2
mysqleq5.0.77__4.el5_5.4
mysqleq5.0.45__7.el5

Rows per page:

1-10 of 171

References

lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html

lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html

lists.opensuse.org/opensuse-updates/2013-09/msg00010.html

rhn.redhat.com/errata/RHSA-2012-1551.html

rhn.redhat.com/errata/RHSA-2013-0180.html

seclists.org/fulldisclosure/2012/Dec/4

secunia.com/advisories/51443

secunia.com/advisories/53372

security.gentoo.org/glsa/glsa-201308-06.xml

www.debian.org/security/2012/dsa-2581

www.exploit-db.com/exploits/23075

www.mandriva.com/security/advisories?name=MDVSA-2013:102

www.mandriva.com/security/advisories?name=MDVSA-2013:150

www.openwall.com/lists/oss-security/2012/12/02/3

www.openwall.com/lists/oss-security/2012/12/02/4

www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

www.ubuntu.com/usn/USN-1658-1

www.ubuntu.com/usn/USN-1703-1

access.redhat.com/security/updates/classification/#important

kb.askmonty.org/en/mariadb-5166-release-notes/

kb.askmonty.org/en/mariadb-5213-release-notes/

kb.askmonty.org/en/mariadb-5311-release-notes/

kb.askmonty.org/en/mariadb-5528a-release-notes/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395

rhn.redhat.com/errata/RHSA-2012-1551.html

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P