Parser Vulnerability in Oracle MySQL and MariaDB
CVE-2016-3477

8.1HIGH

Key Information:

Vendor: IBM
Status: Powerkvm
Vendor: CVE Published:; 21 July 2016

🔔 Create IBM Vulnerability Alert

What is CVE-2016-3477?

A vulnerability exists in Oracle MySQL and MariaDB that allows local users to impact system confidentiality, integrity, and availability. This issue is associated with the Server: Parser component and affects various versions of MySQL and MariaDB, allowing unauthorized manipulation and data access.

References

http://www.ubuntu.com/usn/USN-3040-1

vendor-advisoryx_refsource_UBUNTU

http://rhn.redhat.com/errata/RHSA-2016-1603.html

vendor-advisoryx_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/linuxbu...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2016
Vulnerability Reserved
Mar 17, 2016

.