CVE-2015-2576

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	Patch Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032121	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:::::*

Configuration 2 (hide)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Information

Published : 2015-04-16 10:00

Updated : 2017-01-03 10:39

NVD link : CVE-2015-2576

Mitre link : CVE-2015-2576

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

suse

linux_enterprise_software_development_kit
linux_enterprise_server
linux_enterprise_desktop

oracle

mysql

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", "name": "SUSE-SU-2015:0946", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SUSE"}, {"url": "http://www.securitytracker.com/id/1032121", "name": "1032121", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-2576", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-04-16T17:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.5.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-01-03T18:39Z"}

2.1 /10