CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.4%
The MySQL project reports:
CVE-2016-3492: Remote security vulnerability in ‘Server: Optimizer’
sub component.
CVE-2016-5616, CVE-2016-6663: Race condition allows local users with
certain permissions to gain privileges by leveraging use of my_copystat
by REPAIR TABLE to repair a MyISAM table.
CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based
logging, allows local users with access to the mysql account to gain
root privileges via a symlink attack on error logs and possibly other
files.
CVE-2016-5624: Remote security vulnerability in ‘Server: DML’ sub
component.
CVE-2016-5626: Remote security vulnerability in ‘Server: GIS’ sub
component.
CVE-2016-5629: Remote security vulnerability in ‘Server: Federated’
sub component.
CVE-2016-8283: Remote security vulnerability in ‘Server: Types’ sub
component.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | mariadb55-client | < 5.5.52 | UNKNOWN |
FreeBSD | any | noarch | mariadb55-server | < 5.5.52 | UNKNOWN |
FreeBSD | any | noarch | mariadb100-client | < 10.0.28 | UNKNOWN |
FreeBSD | any | noarch | mariadb100-server | < 10.0.28 | UNKNOWN |
FreeBSD | any | noarch | mariadb101-client | < 10.1.18 | UNKNOWN |
FreeBSD | any | noarch | mariadb101-server | < 10.1.18 | UNKNOWN |
FreeBSD | any | noarch | mysql55-client | < 5.5.52 | UNKNOWN |
FreeBSD | any | noarch | mysql55-server | < 5.5.52 | UNKNOWN |
FreeBSD | any | noarch | mysql56-client | < 5.6.33 | UNKNOWN |
FreeBSD | any | noarch | mysql56-server | < 5.6.33 | UNKNOWN |
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.4%