Published: 12/02/2017 Updated: 03/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Crash in libmysqlclient.so in Oracle MySQL prior to 5.6.21 and 5.7.x prior to 5.7.5 and MariaDB up to and including 5.5.54, 10.0.x up to and including 10.0.29, 10.1.x up to and including 10.1.21, and 10.2.x up to and including 10.2.3.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql
mariadb mariadb
debian debian linux 8.0
redhat enterprise linux server eus 7.6
redhat enterprise linux server 7.0
redhat enterprise linux server aus 7.4
redhat enterprise linux server aus 7.6
redhat enterprise linux desktop 7.0
redhat enterprise linux server eus 7.5
redhat enterprise linux workstation 7.0
redhat enterprise linux server eus 7.4

Debian Bug report logs - #860544 Security fixes from the April 2017 CPU Package: src:mysql-55; Maintainer for src:mysql-55 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: "Norvald H Ryeng" <norvaldryeng@oraclecom> Date: Tue, 18 Apr 2017 11:30:01 UTC Severity: grave Tags: fixed ...

Debian Bug report logs - #854713 mysql-55: CVE-2017-3302: Use after free in libmysqlclientso Package: mysql-55; Maintainer for mysql-55 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Balint Reczey <balint@balintreczeyhu> Date: Thu, 9 Feb 2017 18:33:07 UTC Severity: important ...

Synopsis Moderate: rh-mariadb101-mariadb and rh-mariadb101-galera security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for rh-mariadb101-mariadb and rh-mariadb101-galera is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as havin ...

Synopsis Important: rh-mysql56-mysql security and bug fix update Type/Severity Security Advisory: Important Topic An update for rh-mysql56-mysql is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

Synopsis Moderate: rh-mariadb100-mariadb security update Type/Severity Security Advisory: Moderate Topic An update for rh-mariadb100-mariadb is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scorin ...

Several issues have been discovered in the MySQL database server The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5555, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes Please see the MySQL 55 Release Notes and Oracle's Critical Patch ...

Several security issues were fixed in MySQL ...

A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient ...

CWE-416 http://www.openwall.com/lists/oss-security/2017/02/11/11 http://www.securityfocus.com/bid/96162 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securitytracker.com/id/1038287 http://www.debian.org/security/2017/dsa-3834 http://www.debian.org/security/2017/dsa-3809 https://access.redhat.com/errata/RHSA-2017:2787 https://access.redhat.com/errata/RHSA-2017:2192 https://access.redhat.com/errata/RHSA-2018:0279 https://access.redhat.com/errata/RHSA-2018:0574 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860544 https://usn.ubuntu.com/3357-2/https://www.debian.org/security/./dsa-3834

CVE-2017-3302

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect