Veracode Vulnerability DatabaseVERACODE:10718Buffer Overflow
0.949 High
EPSS
Percentile
99.3%
Oracle MySQL has a stack-based buffer overflow vulnerability. It does not handle checking of user permission in MySQL, allowing an authenticated user to crash the mysqld daemon and subsequently leading to arbitrary code execution with the privileges of the user running the application.
References
lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html
lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
lists.opensuse.org/opensuse-updates/2013-09/msg00010.html
rhn.redhat.com/errata/RHSA-2012-1551.html
rhn.redhat.com/errata/RHSA-2013-0180.html
seclists.org/fulldisclosure/2012/Dec/4
secunia.com/advisories/51443
secunia.com/advisories/53372
security.gentoo.org/glsa/glsa-201308-06.xml
www.debian.org/security/2012/dsa-2581
www.exploit-db.com/exploits/23075
www.mandriva.com/security/advisories?name=MDVSA-2013:102
www.mandriva.com/security/advisories?name=MDVSA-2013:150
www.openwall.com/lists/oss-security/2012/12/02/3
www.openwall.com/lists/oss-security/2012/12/02/4
www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
www.ubuntu.com/usn/USN-1658-1
www.ubuntu.com/usn/USN-1703-1
access.redhat.com/security/updates/classification/#important
kb.askmonty.org/en/mariadb-5166-release-notes/
kb.askmonty.org/en/mariadb-5213-release-notes/
kb.askmonty.org/en/mariadb-5311-release-notes/
kb.askmonty.org/en/mariadb-5528a-release-notes/
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395
rhn.redhat.com/errata/RHSA-2012-1551.html
Related
