Vulnerability Details : CVE-2016-0655
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
Products affected by CVE-2016-0655
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-0655
0.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 45 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-0655
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
3.5
|
LOW | AV:N/AC:M/Au:S/C:N/I:N/A:P |
6.8
|
2.9
|
NIST | |
|
4.7
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.0
|
3.6
|
NIST |
References for CVE-2016-0655
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/86424
Oracle MySQL CVE-2016-0655 Remote Security VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1035606
MySQL Multiple Bugs Let Remote Users Access and Modify Data and Deny Service and Let Remote and Remote Authenticated Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
[security-announce] openSUSE-SU-2016:1664-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
[security-announce] SUSE-SU-2016:1620-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
[security-announce] openSUSE-SU-2016:1332-1: important: Security updateMailing List;Third Party Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/
MariaDB 10.1.14 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
[security-announce] SUSE-SU-2016:1619-1: important: Security update forMailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2954-1
USN-2954-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3595
Debian -- Security Information -- DSA-3595-1 mariadb-10.0Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2016:1132
RHSA-2016:1132 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
MariaDB 10.0.25 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-0705.html
RHSA-2016:0705 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
[security-announce] openSUSE-SU-2016:1686-1: important: Security updateThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2953-1
USN-2953-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to