Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows) Network Vulnerability

Summary

The host is running Oracle MySQL server and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow an attacker to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). Impact Level: Application

Solution

Apply the patch or upgrade to latest version, https://support.oracle.com/rs?type=doc&id=1475188.1

Insight

The flaws are due to multiple unspecified errors in MySQL server component vectors related to MySQL client and server.

Affected

Oracle MySQL version 5.5.x to 5.5.26 on windows

References

http://secunia.com/advisories/51008/
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
http://www.securelist.com/en/advisories/51008

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3144, CVE-2012-3147, CVE-2012-3149
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Oracle Database Server Multiple Information Disclosure Vulnerabilities
IBM DB2 Multiple Security Bypass Vulnerabilities
PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability
Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
MongoDB engine_v8 Denial of Service Vulnerability

Take action and discover your vulnerabilities