Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) Network Vulnerability

Summary

The host is running Oracle MySQL server and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow an attacker to disclose potentially sensitive information, manipulate certain data and cause a DoS (Denial of Service). Impact Level: Application

Solution

Apply the patch or upgrade to latest version, https://support.oracle.com/rs?type=doc&id=1475188.1

Insight

The flaws are due to multiple unspecified errors in MySQL server component related to server replication, information schema, protocol and server optimizer.

Affected

Oracle MySQL version 5.1.x to 5.1.64 and Oracle MySQL version 5.5.x to 5.5.26 on windows

References

http://secunia.com/advisories/51008/
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
http://www.securelist.com/en/advisories/51008

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3150, CVE-2012-3158, CVE-2012-3163, CVE-2012-3197

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Oracle MySQL Multiple Unspecified vulnerabilities-02 Oct14 (Windows)
Oracle Database Server 'RDBMS' component Denial of Service Vulnerability
MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
IBM DB2 UDB Multiple Unspecified Vulnerabilities (Windows)
Oracle Database Server Multiple Vulnerabilities - July 06

Take action and discover your vulnerabilities