CVE-2016-3459

MEDIUM

Oracle MySQL <5.6.30, <5.7.12 - DoS

Title source: llm

Description

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.

References (9)

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-1601.html

[Patch, Vendor Advisory] http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91787

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91943

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036362

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3040-1

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2016:1132

[Vendor Advisory] https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/

[Vendor Advisory] https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/

Scores

CVSS v3 4.9

EPSS 0.0088

EPSS Percentile 75.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Classification

Status draft

Affected Products (2)

mariadb/mariadb < 10.0.25

oracle/mysql < 5.6.30

Timeline

Published Jul 21, 2016

Tracked Since Feb 18, 2026