Main Vulnerability Database Vulnerabilities #VU41214

Input validation error in Oracle Solaris - CVE-2014-4274

Published: October 15, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41214

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2014-4274

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a local #AU# to read and manipulate data.

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.

How to mitigate CVE-2014-4274

Install update from vendor's website.

Sources

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.securityfocus.com/bid/69732

Input validation error in Oracle Solaris - CVE-2014-4274

Detailed vulnerability description

How to mitigate CVE-2014-4274

Sources

Please verify you're human