SB2013032901 - Buffer overflow in Google, mysql
Published: March 29, 2013 Updated: August 11, 2020
Security Bulletin ID
SB2013032901
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2013-1492)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
Remediation
Install update from vendor's website.
References
- http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html
- http://secunia.com/advisories/52445
- http://secunia.com/advisories/53372
- http://security.gentoo.org/glsa/glsa-201308-06.xml
- https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow