Lucene search

[email protected]CVE-2016-0668

HistoryApr 21, 2016 - 10:59 a.m.

CVE-2016-0668

2016-04-2110:59:32

[email protected]

web.nvd.nist.gov

cve-2016-0668

oracle

mysql

mariadb

vulnerability

local users

availability

vectors

innodb

nvd

1.7 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:M/C:N/I:N/A:P

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.6%

JSON

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

Affected configurations

NVD

Node

oraclemysqlRange5.6.0–5.6.28

oraclemysqlRange5.7.0–5.7.10

Node

mariadbmariadbRange10.0.0–10.0.24

mariadbmariadbRange10.1.0–10.1.12

Node

debiandebian_linuxMatch8.0

Node

opensuseleapMatch42.1

opensuseopensuseMatch13.2

suselinux_enterprise_desktopMatch12-

suselinux_enterprise_desktopMatch12sp1

suselinux_enterprise_serverMatch12-

suselinux_enterprise_serverMatch12sp1

suselinux_enterprise_software_development_kitMatch12-

suselinux_enterprise_software_development_kitMatch12sp1

suselinux_enterprise_workstation_extensionMatch12-

suselinux_enterprise_workstation_extensionMatch12sp1

Node

canonicalubuntu_linuxMatch12.04-

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch15.10

CPENameOperatorVersion
oracle:mysqloracle mysqlle5.6.28
oracle:mysqloracle mysqlle5.7.10

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	le	5.6.28
oracle:mysql	oracle mysql	le	5.7.10

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

rhn.redhat.com/errata/RHSA-2016-0705.html

www.debian.org/security/2016/dsa-3595

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.securityfocus.com/bid/86467

www.securitytracker.com/id/1035606

www.ubuntu.com/usn/USN-2953-1

access.redhat.com/errata/RHSA-2016:1132

mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/

mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/

Social References

1.7 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:M/C:N/I:N/A:P

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVE-2016-0668

prion1 ubuntucve1 veracode1 mariadbunix1 nvd1 cvelist1 openvas11 nessus17 debian2 f52 ubuntu1 suse5 freebsd1 ibm1 kaspersky1 redhat2 oracle1