Main Vulnerability Database SB2014072103

SB2014072103 - Input validation error in mysql (Alpine package)

Published: July 21, 2014

Security Bulletin ID SB2014072103

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2014-4258)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

Remediation

Install update from vendor's website.

References

https://git.alpinelinux.org/aports/commit/?id=a138c157fc3b2c1c9391b3ca429f587f89d5e0d1
https://git.alpinelinux.org/aports/commit/?id=60c31947b70df7e8408e35e3efc1cf1d0990ac62
https://git.alpinelinux.org/aports/commit/?id=1196cf02695d251817d7ceeb2cc842a4a8e4c33f
https://git.alpinelinux.org/aports/commit/?id=da92ef3bc6ffab36642892f6f97b9492ba250bb7