SB2013041703 - Input validation error in Oracle MySQL Server



SB2013041703 - Input validation error in Oracle MySQL Server

Published: April 17, 2013 Updated: August 4, 2020

Security Bulletin ID SB2013041703
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Partial DoS

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Input validation error (CVE-ID: CVE-2013-1502)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local #AU# to perform service disruption.

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.


Remediation

Install update from vendor's website.