CVE-2016-3477 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2016-3477

CVE-2016-3477

July 21, 2016

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Related Resources (20)

http://www.ubuntu.com/usn/USN-3040-1

http://www.securityfocus.com/bid/91787

http://rhn.redhat.com/errata/RHSA-2016-1603.html

https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/

http://www.securityfocus.com/bid/91902

https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/

http://rhn.redhat.com/errata/RHSA-2016-1604.html

http://www.securitytracker.com/id/1036362

http://www.debian.org/security/2016/dsa-3624

http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html

http://rhn.redhat.com/errata/RHSA-2016-1602.html

http://www.debian.org/security/2016/dsa-3632

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://rhn.redhat.com/errata/RHSA-2016-1601.html

https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/

http://rhn.redhat.com/errata/RHSA-2016-1480.html

https://access.redhat.com/security/cve/CVE-2016-3477

http://rhn.redhat.com/errata/RHSA-2016-1637.html

Do you need more information?

CVSS v4

Base Score:

8.9

Attack Vector

LOCAL

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

HIGH

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

HIGH

Subsequent System Integrity

HIGH

Subsequent System Availability

HIGH

CVSS v3

Base Score:

8.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

CVSS v2

Base Score:

4.1

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

EPSS

Base Score:

0.11