Main Vulnerability Database Vulnerabilities #VU33863

Input validation error in MySQL Server - CVE-2013-3839

Published: October 16, 2013 / Updated: August 4, 2020

Vulnerability identifier: #VU33863

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-3839

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
MySQL Server

Detailed vulnerability description

The vulnerability allows a remote #AU# to perform service disruption.

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

How to mitigate CVE-2013-3839

Install update from vendor's website.

Sources

http://rhn.redhat.com/errata/RHSA-2014-0173.html
http://rhn.redhat.com/errata/RHSA-2014-0186.html
http://rhn.redhat.com/errata/RHSA-2014-0189.html
http://secunia.com/advisories/55291
http://security.gentoo.org/glsa/glsa-201409-04.xml
http://www.debian.org/security/2013/dsa-2780
http://www.debian.org/security/2013/dsa-2818
http://www.mandriva.com/security/advisories?name=MDVSA-2013:250
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
http://www.securityfocus.com/bid/63109
http://www.securitytracker.com/id/1029184
http://www.ubuntu.com/usn/USN-2006-1

Input validation error in MySQL Server - CVE-2013-3839

Detailed vulnerability description

How to mitigate CVE-2013-3839

Sources

Please verify you're human