CVE-2016-3477
Last modified
CVE-2016-3477 is a vulnerability of currently unknown severity. Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.. EPSS estimates a 0.47% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Powerkvm | 2.1 |
| Ibm | Powerkvm | 3.1 |
| Oracle | Mysql | >= 5.5.0, <= 5.5.49 |
| Oracle | Mysql | >= 5.6.0, <= 5.6.30 |
| Oracle | Mysql | >= 5.7.0, <= 5.7.12 |
| Oracle | Linux | 7 |
| Mariadb | Mariadb | >= 5.5.20, < 5.5.50 |
| Mariadb | Mariadb | >= 10.0.0, < 10.0.26 |
| Mariadb | Mariadb | >= 10.1.0, < 10.1.15 |
| Debian | Debian Linux | 8.0 |
| Canonical | Ubuntu Linux | 12.04 |
| Canonical | Ubuntu Linux | 14.04 |
| Canonical | Ubuntu Linux | 15.10 |
| Canonical | Ubuntu Linux | 16.04 |
References
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.htmlMailing List, Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1480.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1601.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1602.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1603.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1604.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1637.htmlThird Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168Third Party Advisory
- http://www.debian.org/security/2016/dsa-3624Third Party Advisory
- http://www.debian.org/security/2016/dsa-3632Third Party Advisory
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Vendor Advisory
- http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/91902Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1036362Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-3040-1Third Party Advisory
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.htmlMailing List, Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1480.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1601.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1602.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1603.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1604.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-1637.htmlThird Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168Third Party Advisory
- http://www.debian.org/security/2016/dsa-3624Third Party Advisory
- http://www.debian.org/security/2016/dsa-3632Third Party Advisory
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Vendor Advisory
- http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/91902Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1036362Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-3040-1Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-3477?
How severe is CVE-2016-3477?
How do I fix CVE-2016-3477?
Are you affected by CVE-2016-3477?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST