ID CVE-2013-0386
Summary Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
CVSS
Base: 6.8 (as of 30-06-2022 - 19:52)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:C
oval via4
accepted 2015-06-01T04:00:12.138-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
comment MySQL 5.5 is installed
oval oval:org.mitre.oval:def:8419
description Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
family windows
id oval:org.mitre.oval:def:16835
status accepted
submitted 2013-04-29T10:26:26.748+04:00
title Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.5.28 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System hang or frequently repeatable crash (complete DOS)
version 20
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
gentoo GLSA-201308-06
mandriva MDVSA-2013:150
secunia 53372
ubuntu USN-1703-1
Last major update 30-06-2022 - 19:52
Published 17-01-2013 - 01:55
Last modified 30-06-2022 - 19:52
Back to Top