PT-2016-1093 · Oracle+4 · Mysql Server+3

Publicado

2016-01-19

·

Atualizado

2018-10-30

·

CVE-2016-0503

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 5.6.27 and earlier Oracle MySQL versions 5.7.9 and earlier
Description The issue is related to errors in the code of the MySQL Server component, specifically the DML subcomponent. It allows a remote attacker to cause the system to hang or crash, affecting availability. The vulnerability can be exploited via vectors related to DML, and it affects remote authenticated users.
Recommendations For Oracle MySQL versions 5.6.27 and earlier, update to a version later than 5.6.27 to resolve the issue. For Oracle MySQL versions 5.7.9 and earlier, update to a version later than 5.7.9 to resolve the issue. As a temporary workaround, consider restricting access to the DML subcomponent until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

ALT-PU-2018-1647
BDU:2016-00164
CVE-2016-0503
OPENSUSE-SU-2016_0367-1
OPENSUSE-SU-2016_0377-1
RHSA-2016:0705
USN-2881-1

Produtos afetados

Alt Linux
Mysql Server
Suse
Ubuntu