[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-0001Date: (C)2014-02-01   (M)2023-12-22


Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
OSVDB-102713
OSVDB-102714
SECTRACK-1029708
SECUNIA-52161
BID-65298
GLSA-201409-04
MDVSA-2014:029
RHSA-2014:0164
RHSA-2014:0173
RHSA-2014:0186
RHSA-2014:0189
http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
https://bugzilla.redhat.com/show_bug.cgi?id=1054592
https://mariadb.com/kb/en/mariadb-5535-changelog/
mysql-cve20140001-bo(90901)

CPE    53
cpe:/a:oracle:mysql:5.5.20
cpe:/a:oracle:mysql:5.5.21
cpe:/a:oracle:mysql:5.5.19
cpe:/a:oracle:mysql:5.5.13
...
CWE    1
CWE-119
OVAL    20
oval:org.secpod.oval:def:106863
oval:org.secpod.oval:def:601286
oval:org.secpod.oval:def:108038
oval:org.secpod.oval:def:106934
...

© SecPod Technologies