Main Vulnerability Database Vulnerabilities #VU42900

Input validation error in mysql - CVE-2013-2378

Published: April 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42900

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-2378

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
mysql

Detailed vulnerability description

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

How to mitigate CVE-2013-2378

Install update from vendor's website.

Sources

http://rhn.redhat.com/errata/RHSA-2013-0772.html
http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

Input validation error in mysql - CVE-2013-2378

Detailed vulnerability description

How to mitigate CVE-2013-2378

Sources

Please verify you're human