Lucene search

[email protected]CVE-2013-3804

HistoryJul 17, 2013 - 1:41 p.m.

CVE-2013-3804

2013-07-1713:41:16

[email protected]

web.nvd.nist.gov

cve-2013-3804

mysql

oracle

vulnerability

nvd

server optimizer

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

4.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.4%

JSON

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Affected configurations

NVD

Node

oraclemysqlRange5.1.0–5.1.69

oraclemysqlRange5.5.0–5.5.31

oraclemysqlRange5.6.0–5.6.11

Node

debiandebian_linuxMatch7.0

Node

canonicalubuntu_linuxMatch10.04-

canonicalubuntu_linuxMatch12.04-

canonicalubuntu_linuxMatch12.10

canonicalubuntu_linuxMatch13.04

Node

mariadbmariadbRange5.5.0–5.5.32

mariadbmariadbRange10.0.0–10.0.4

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

suselinux_enterprise_desktopMatch11sp3

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

suselinux_enterprise_software_development_kitMatch11sp3

CPENameOperatorVersion
oracle:mysqloracle mysqlle5.1.69
oracle:mysqloracle mysqlle5.5.31
oracle:mysqloracle mysqlle5.6.11

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	le	5.1.69
oracle:mysql	oracle mysql	le	5.5.31
oracle:mysql	oracle mysql	le	5.6.11

References

lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html

lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html

lists.opensuse.org/opensuse-updates/2013-08/msg00024.html

lists.opensuse.org/opensuse-updates/2013-09/msg00008.html

osvdb.org/95328

secunia.com/advisories/53372

secunia.com/advisories/54300

security.gentoo.org/glsa/glsa-201308-06.xml

www.debian.org/security/2013/dsa-2818

www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

www.ubuntu.com/usn/USN-1909-1

exchange.xforce.ibmcloud.com/vulnerabilities/85715

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

4.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.4%

JSON

Related for CVE-2013-3804

mariadbunix1 nvd1 ubuntucve1 cvelist1 prion1 veracode1 openvas10 nessus11 ubuntu1 debian2 suse2 oracle1 securityvulns1 gentoo1