ALT-PU-2016-1722-1

CVE-2016-3477

HIGH8.1

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Published: 2016-07-21Modified: 2025-04-12

CVSS 2.0MEDIUM 4.1

CVSS:2.0/AV:L/AC:M/Au:S/C:P/I:P/A:P

CVSS 3.xHIGH 8.1

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1601.html
http://rhn.redhat.com/errata/RHSA-2016-1602.html
http://rhn.redhat.com/errata/RHSA-2016-1603.html
http://rhn.redhat.com/errata/RHSA-2016-1604.html
http://rhn.redhat.com/errata/RHSA-2016-1637.html
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
http://www.debian.org/security/2016/dsa-3624
http://www.debian.org/security/2016/dsa-3632
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91902
http://www.securitytracker.com/id/1036362
http://www.ubuntu.com/usn/USN-3040-1
https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/
http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1601.html
http://rhn.redhat.com/errata/RHSA-2016-1602.html
http://rhn.redhat.com/errata/RHSA-2016-1603.html
http://rhn.redhat.com/errata/RHSA-2016-1604.html
http://rhn.redhat.com/errata/RHSA-2016-1637.html
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
http://www.debian.org/security/2016/dsa-3624
http://www.debian.org/security/2016/dsa-3632
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91902
http://www.securitytracker.com/id/1036362
http://www.ubuntu.com/usn/USN-3040-1
https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/

Package update mariadb in branch sisyphus

Closed issues (4)

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.