Summary
This host is running Oracle MySQL and is
prone to multiple unspecified vulnerabilities.
Impact
Successful exploitation will allow attackers
to disclose potentially sensitive information, gain escalated privileges, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Impact Level: Application
Solution
Apply the patch from below link,
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Insight
Unspecified errors in the MySQL Server
component via unknown vectors related to SERVER:INNODB FULLTEXT SEARCH DML, SERVER:SP, and SERVER:MEMCACHED.
Affected
MySQL Server version 5.6.19 and earlier
on Windows.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-6474, CVE-2014-6489, CVE-2014-6564 -
CVSS Base Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P
Related Vulnerabilities
- MySQL Denial of Service (infinite loop) Vulnerabilities
- MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vulnerability
- MySQL Unspecified vulnerabilities-03 July-2013 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 04 May14 (Windows)
- Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)