CVE-2015-4870

Oracle MySQL Server <5.5.45-5.6.26 - DoS

Title source: llm

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.

Exploits (2)

exploitdb WORKING POC

by Osanda Malith Jayathissa · pythondosmultiple

https://www.exploit-db.com/exploits/39867

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by OsandaMalith · poc

https://github.com/OsandaMalith/CVE-2015-4870

View Code ZIP pw:eip

References (20)

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/77208

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-1481.html

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033894

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2016:1132

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0534.html

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2781-1

[Third Party Advisory] https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html

[Patch, Vendor Advisory] http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-1480.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html

[Third Party Advisory] http://www.debian.org/security/2015/dsa-3385

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html

[Third Party Advisory] http://www.debian.org/security/2015/dsa-3377

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0705.html

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/39867/

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

Scores

EPSS 0.2214

EPSS Percentile 95.8%

Details

Status published

Products (31)

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 15.04

canonical/ubuntu_linux 15.10

debian/debian_linux 7.0

debian/debian_linux 8.0

fedoraproject/fedora 23

mariadb/mariadb 5.5.0 - 5.5.46

opensuse/leap 42.1

opensuse/opensuse 13.1

... and 21 more

Published Oct 21, 2015

Tracked Since Feb 18, 2026