CVE-2014-4207

Опубликовано: 17 июл. 2014

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23
Mailing List
Third Party Advisory
VDB Entry
http://secunia.com/advisories/60425
Not Applicable
http://www.debian.org/security/2014/dsa-2985
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/68593
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030578
Broken Link
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/94624
Third Party Advisory
VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23
Mailing List
Third Party Advisory
VDB Entry
http://secunia.com/advisories/60425
Not Applicable
http://www.debian.org/security/2014/dsa-2985
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Версия от 5.5.0 (включая) до 5.5.37 (включая)

Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Версия от 5.5.0 (включая) до 5.5.38 (исключая)

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Версия от 10.0.0 (включая) до 10.0.12 (исключая)

Конфигурация 5

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00502

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2014-4207

ubuntu

около 11 лет назад

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

CVE-2014-4207

redhat

больше 11 лет назад

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

CVE-2014-4207

debian

около 11 лет назад

Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...

GHSA-j92r-fc65-r2hf

github

больше 3 лет назад

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

ELSA-2014-1861

oracle-oval

почти 11 лет назад

ELSA-2014-1861: mariadb security update (IMPORTANT)

EPSS

Процентиль: 65%

0.00502

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo