Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows) Network Vulnerability

Summary

The host is running Oracle MySQL server and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow an attacker to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). Impact Level: Application

Solution

Apply the patch or upgrade to latest version, https://support.oracle.com/rs?type=doc&id=1475188.1

Insight

The flaws are due to multiple unspecified errors in MySQL server component vectors related to MySQL client and server.

Affected

Oracle MySQL version 5.5.x to 5.5.26 on windows

References

http://secunia.com/advisories/51008/
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
http://www.securelist.com/en/advisories/51008

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3144, CVE-2012-3147, CVE-2012-3149

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vulnerability
IBM DB2 DML Statement Execution Remote Privilege Escalation Vulnerability
Oracle MySQL Multiple Unspecified vulnerabilities-03 Oct14 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities - 03 Jan14 (Windows)
PostgreSQL Multiple Security Bypass Vulnerability July14 (Windows)

Take action and discover your vulnerabilities