Main Vulnerability Database Vulnerabilities #VU43171

Input validation error in mysql - CVE-2013-0384

Published: January 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU43171

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-0384

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
mysql

Detailed vulnerability description

The vulnerability allows a remote #AU# to perform a denial of service (DoS) attack.

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.

How to mitigate CVE-2013-0384

Install update from vendor's website.

Sources

http://rhn.redhat.com/errata/RHSA-2013-0219.html
http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
http://www.ubuntu.com/usn/USN-1703-1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632

Input validation error in mysql - CVE-2013-0384

Detailed vulnerability description

How to mitigate CVE-2013-0384

Sources

Please verify you're human