Vulnerability CVE-2016-3477
Published: 2016-07-21

Description:
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.1/10
6.4/10
2.7/10
Exploit range
Attack complexity
Authentication
Local
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Oracle -> Mysql 
Oracle -> Linux 
Mariadb -> Mariadb 
IBM -> Powerkvm 
Debian -> Debian linux 
Canonical -> Ubuntu linux 

 References:
http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1601.html
http://rhn.redhat.com/errata/RHSA-2016-1602.html
http://rhn.redhat.com/errata/RHSA-2016-1603.html
http://rhn.redhat.com/errata/RHSA-2016-1604.html
http://rhn.redhat.com/errata/RHSA-2016-1637.html
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
http://www.debian.org/security/2016/dsa-3624
http://www.debian.org/security/2016/dsa-3632
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91902
http://www.securitytracker.com/id/1036362
http://www.ubuntu.com/usn/USN-3040-1
https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/
Copyright 2024, cxsecurity.com

 

Back to Top