CVE-2016-0546

{"id": "CVE-2016-0546", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2016-01-21T03:01:33.983", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2016/dsa-3453", "tags": ["Patch", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2016/dsa-3459", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/81066", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1034708", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-2881-1", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://access.redhat.com/errata/RHSA-2016:1132", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://mariadb.com/kb/en/mdb-10023-rn/", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2016/dsa-3453", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2016/dsa-3459", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/81066", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1034708", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-2881-1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2016:1132", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://mariadb.com/kb/en/mdb-10023-rn/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Client. NOTA: la informaci\u00f3n anterior proviene de la CPU de Enero de 2016. Oracle no ha comentado sobre alegaciones de terceros que estos son m\u00faltiples desbordamientos de buffer en la herramienta mysqlshow que permite a servidores de bases de datos remotos tener un impacto no especificado a trav\u00e9s de un nombre largo de tabla o base de datos."}], "lastModified": "2024-11-21T02:41:54.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2EA70BB-425F-4E0F-A618-F72258430EEE", "versionEndExcluding": "5.5.47", "versionStartIncluding": "5.5.20"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", "versionEndExcluding": "10.0.23", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C682E800-3908-422D-91FE-4C2956691CEB", "versionEndExcluding": "10.1.10", "versionStartIncluding": "10.1.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", "versionEndIncluding": "5.5.46", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "244C291E-590F-4EB3-B21A-C22EC5BBF93A", "versionEndIncluding": "5.6.27", "versionStartIncluding": "5.6.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF18143D-C98A-41E7-B71D-CC6AA5172463", "versionEndIncluding": "5.7.9", "versionStartIncluding": "5.7.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39A901D6-0874-46A4-92A8-5F72C7A89E85"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}