Main Vulnerability Database Vulnerabilities #VU43173

Input validation error in mysql - CVE-2013-0386

Published: January 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU43173

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-0386

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
mysql

Detailed vulnerability description

The vulnerability allows a remote #AU# to perform a denial of service (DoS) attack.

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

How to mitigate CVE-2013-0386

Install update from vendor's website.

Sources

http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
http://www.ubuntu.com/usn/USN-1703-1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835

Input validation error in mysql - CVE-2013-0386

Detailed vulnerability description

How to mitigate CVE-2013-0386

Sources

Please verify you're human