Published: 08/08/2017 Updated: 03/10/2019

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and previous versions. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. Note: The documentation has also been updated for the correct way to use mysql_stmt_close(). Please see: dev.mysql.com/doc/refman/5.7/en/mysql-stmt-execute.html, dev.mysql.com/doc/refman/5.7/en/mysql-stmt-fetch.html, dev.mysql.com/doc/refman/5.7/en/mysql-stmt-close.html, dev.mysql.com/doc/refman/5.7/en/mysql-stmt-error.html, dev.mysql.com/doc/refman/5.7/en/mysql-stmt-errno.html, and dev.mysql.com/doc/refman/5.7/en/mysql-stmt-sqlstate.html. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql connector\\/c
oracle mysql
debian debian linux 8.0

Debian Bug report logs - #868788 Security fixes from the July 2017 CPU Package: src:mysql-55; Maintainer for src:mysql-55 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Lars Tangvald <larstangvald@oraclecom> Date: Tue, 18 Jul 2017 16:51:04 UTC Severity: grave Tags: fixed-upstr ...

Debian Bug report logs - #868798 Security fixes from the July 2017 CPU Package: src:mysql-57; Maintainer for src:mysql-57 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Lars Tangvald <larstangvald@oraclecom> Date: Tue, 18 Jul 2017 18:30:02 UTC Severity: grave Tags: fixed-upstr ...

Several security issues were fixed in MySQL ...

Several issues have been discovered in the MySQL database server The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5557, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes Please see the MySQL 55 Release Notes and Oracle's Critical Patch ...

Server: Charsets unspecified vulnerability (CPU Jul 2017):Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets) Supported versions that are affected are 5556 and earlier, 5636 and earlier and 5718 and earlier Difficult to exploit vulnerability allows high privileged attacker with network access via mul ...

Server: Charsets unspecified vulnerability (CPU Jul 2017)Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets) Supported versions that are affected are 5556 and earlier, 5636 and earlier and 5718 and earlier Difficult to exploit vulnerability allows high privileged attacker with network access via mult ...

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C) Supported versions that are affected are 6110 and earlier Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors Successful attacks of this vulnerability can result in ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securitytracker.com/id/1038928 http://www.securityfocus.com/bid/99730 http://www.debian.org/security/2017/dsa-3922 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868788 https://usn.ubuntu.com/3357-1/

CVE-2017-3635

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect