SB2013101602 - Input validation error in Oracle MySQL Server
Published: October 16, 2013 Updated: August 4, 2020
Security Bulletin ID
SB2013101602
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2013-5807)
The vulnerability allows a remote #AU# to read and manipulate data.
Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.
Remediation
Install update from vendor's website.
References
- http://rhn.redhat.com/errata/RHSA-2014-0173.html
- http://rhn.redhat.com/errata/RHSA-2014-0186.html
- http://rhn.redhat.com/errata/RHSA-2014-0189.html
- http://security.gentoo.org/glsa/glsa-201409-04.xml
- http://www.debian.org/security/2013/dsa-2818
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63105
- http://www.securitytracker.com/id/1029184
- http://www.ubuntu.com/usn/USN-2006-1