Main Vulnerability Database Vulnerabilities #VU42903

Input validation error in mysql - CVE-2013-2391

Published: April 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42903

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-2391

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
mysql

Detailed vulnerability description

The vulnerability allows a local #AU# to read and manipulate data.

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.

How to mitigate CVE-2013-2391

Install update from vendor's website.

Sources

http://rhn.redhat.com/errata/RHSA-2013-0772.html
http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

Input validation error in mysql - CVE-2013-2391

Detailed vulnerability description

How to mitigate CVE-2013-2391

Sources

Please verify you're human