Parser Vulnerability in Oracle MySQL and MariaDB
CVE-2016-3477

8.1HIGH

Key Information:

Vendor
IBM
Status
Powerkvm
Vendor
CVE Published:
21 July 2016

Summary

A vulnerability exists in Oracle MySQL and MariaDB that allows local users to impact system confidentiality, integrity, and availability. This issue is associated with the Server: Parser component and affects various versions of MySQL and MariaDB, allowing unauthorized manipulation and data access.

References

http://www.ubuntu.com/usn/USN-3040-1
vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2016-1603.html
vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/linuxbu...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.