Main Vulnerability Database Vulnerabilities #VU41209

Input validation error in Oracle Solaris - CVE-2014-6551

Published: October 16, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41209

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2014-6551

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

How to mitigate CVE-2014-6551

Install update from vendor's website.

Sources

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.securityfocus.com/bid/70462

Input validation error in Oracle Solaris - CVE-2014-6551

Detailed vulnerability description

How to mitigate CVE-2014-6551

Sources

Please verify you're human