CVE-2014-4260

Oracle MySQL <5.5.38 & <5.6.18 - Info Disclosure

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

References (12)

Core 12
Core References
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94621
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030578
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2014/dsa-2985
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/23
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/68573
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/60425

Scores

EPSS 0.0046
EPSS Percentile 64.3%

Details

Status published
Products (11)
debian/debian_linux 7.0
mariadb/mariadb 5.5.0 - 5.5.38
oracle/mysql 5.5.0 - 5.5.37
oracle/solaris 11.3
suse/linux_enterprise_desktop 11 sp3
suse/linux_enterprise_desktop 12
suse/linux_enterprise_server 11 sp3 (2 CPE variants)
suse/linux_enterprise_server 12
suse/linux_enterprise_software_development_kit 11 sp3
suse/linux_enterprise_software_development_kit 12
... and 1 more
Published Jul 17, 2014
Tracked Since Feb 18, 2026