Published: 21/04/2016 Updated: 27/12/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Unspecified vulnerability in Oracle MySQL 5.5.48 and previous versions, 5.6.29 and previous versions, and 5.7.11 and previous versions and MariaDB prior to 5.5.49, 10.0.x prior to 10.0.25, and 10.1.x prior to 10.1.14 allows local users to affect availability via vectors related to FTS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse leap 42.1
debian debian linux 8.0
oracle linux 7
redhat enterprise linux 6.0
redhat enterprise linux 7.0
ibm powerkvm 3.1
ibm powerkvm 2.1
oracle mysql
mariadb mariadb

Debian Bug report logs - #821094 Security fixes from the April 2016 CPU Package: src:mysql-56; Maintainer for src:mysql-56 is (unknown); Reported by: "Norvald H Ryeng" <norvaldryeng@oraclecom> Date: Fri, 15 Apr 2016 12:03:01 UTC Severity: grave Tags: fixed-upstream, security, upstream Found in version mysql-56/562 ...

Several security issues were fixed in MySQL ...

Several issues have been discovered in the MariaDB database server The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10025 Please see the MariaDB 100 Release Notes for further details: mariadbcom/kb/en/mariadb/mariadb-10024-release-notes/ mariadbcom/kb/en/mariadb/mariadb-10025-release-notes/ ...

It was found that the MariaDB client library did not properly check host names against server identities noted in the X509 certificates when establishing secure connections using TLS/SSL A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client (CVE-2016-2047) Unspecified vulnerability in Oracle MySQL 5546 a ...

A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash (CVE-2016-0705) The ssl_verify_server_cert function in sql-common/ ...

Unspecified vulnerability in Oracle MySQL 5548 and earlier, 5629 and earlier, and 5711 and earlier and MariaDB before 5549, 100x before 10025, and 101x before 10114 allows local users to affect availability via vectors related to FTS ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://www.debian.org/security/2016/dsa-3595 https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 http://rhn.redhat.com/errata/RHSA-2016-1602.html http://www.securityfocus.com/bid/86495 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html http://www.ubuntu.com/usn/USN-2954-1 http://www.securitytracker.com/id/1035606 http://www.debian.org/security/2016/dsa-3557 http://www.ubuntu.com/usn/USN-2953-1 https://access.redhat.com/errata/RHSA-2016:1132 http://rhn.redhat.com/errata/RHSA-2016-1481.html http://rhn.redhat.com/errata/RHSA-2016-1480.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821094 https://nvd.nist.gov https://usn.ubuntu.com/2953-1/

CVE-2016-0647

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect