Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
References
Link | Resource |
---|---|
http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | Not Applicable |
https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | Patch Issue Tracking Third Party Advisory |
http://osvdb.org/102713 | Broken Link |
http://www.osvdb.org/102714 | Broken Link |
https://mariadb.com/kb/en/mariadb-5535-changelog/ | Patch Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0189.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0164.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0186.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0173.html | Third Party Advisory |
http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | Broken Link |
http://www.securityfocus.com/bid/65298 | Third Party Advisory VDB Entry |
http://security.gentoo.org/glsa/glsa-201409-04.xml | Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/90901 | |
http://www.securitytracker.com/id/1029708 | |
http://secunia.com/advisories/52161 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2014-01-31 15:55
Updated : 2019-12-17 07:25
NVD link : CVE-2014-0001
Mitre link : CVE-2014-0001
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux
- enterprise_linux_workstation
- enterprise_linux_server
oracle
- mysql
mariadb
- mariadb