Oracle MySQL Multiple Unspecified Vulnerabilities-01 Oct14 (Windows) Network Vulnerability

Summary

This host is running Oracle MySQL and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation will allow attackers to disclose potentially sensitive information, gain escalated privileges, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Impact Level: Application

Solution

Apply the patch from below link, http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Insight

Unspecified errors in the MySQL Server component via unknown vectors related to SERVER:INNODB FULLTEXT SEARCH DML, SERVER:SP, and SERVER:MEMCACHED.

Affected

MySQL Server version 5.6.19 and earlier on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/60599
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.osvdb.com/113268

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-6474, CVE-2014-6489, CVE-2014-6564

CVSS	Base Score: 5.5 AV:N/AC:L/Au:S/C:N/I:P/A:P

Related Vulnerabilities

IBM DB2 SYSIBMADM Multiple Vulnerabilities (Sep10)
Oracle MySQL Server Component 'Optimizer' Unspecified vulnerability Oct-2013 (Windows)
MongoDB mongod Malformed X.509 Certificate Handling Remote DoS Vulnerability
Oracle Database Server Multiple Unspecified Vulnerabilities-02 Jan2014
IBM DB2 DML Statement Execution Remote Privilege Escalation Vulnerability (Linux)

Oracle MySQL Multiple Unspecified vulnerabilities-01 Oct14 (Windows)

Take action and discover your vulnerabilities