Oracle MySQL Multiple Unspecified Vulnerabilities - 02 Jan14 (Windows) Network Vulnerability

Summary

This host is running Oracle MySQL and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial of Service). Impact Level: Application

Solution

Apply the patch from below link, http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Insight

Unspecified errors in the MySQL Server component via unknown vectors related to FTS, Performance Schema, Thread Pooling, Stored Procedures, and InnoDB.

Affected

Oracle MySQL version 5.6.13 and earlier.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/56491
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.osvdb.com/102076

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5882, CVE-2013-5894, CVE-2014-0427, CVE-2014-0430, CVE-2014-0433

CVSS	Base Score: 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C

Related Vulnerabilities

MySQL < 5.1.47 Multiple Vulnerabilities
MySQL Unspecified vulnerabilities-03 July-2013 (Windows)
IBM DB2 DML Statement Execution Remote Privilege Escalation Vulnerability
PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability
Oracle MySQL Multiple Unspecified vulnerabilities - 01 May14 (Windows)

Oracle MySQL Multiple Unspecified vulnerabilities - 02 Jan14 (Windows)

Take action and discover your vulnerabilities