VDB-78695 · CVE-2015-4913 · BID 77153

Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service

A vulnerability was found in Oracle MySQL Server up to 5.5.45/5.6.26 (Database Software). It has been rated as problematic. This issue affects an unknown functionality of the component DML. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field	10/21/2015 12:52 PM	02/03/2019 10:31 AM	06/23/2022 04:37 PM
type	Database Software	Database Software	Database Software
vendor	Oracle	Oracle	Oracle
name	MySQL Server	MySQL Server	MySQL Server
version	<=5.5.45/5.6.26	<=5.5.45/5.6.26	<=5.5.45/5.6.26
component	DML	DML	DML
risk	1	1	1
cvss2_vuldb_basescore	3.5	3.5	3.5
cvss2_vuldb_tempscore	3.0	3.0	3.0
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss2_nvd_av	N	N	N
cvss2_nvd_ac	M	M	M
cvss2_nvd_au	S	S	S
cvss2_nvd_ci	N	N	N
cvss2_nvd_ii	N	N	N
cvss2_nvd_ai	P	P	P
cvss3_meta_basescore	4.3	4.3	4.3
cvss3_meta_tempscore	4.1	4.1	4.1
cvss3_vuldb_basescore	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.1	4.1	4.1
date	1445299200 (10/20/2015)	1445299200 (10/20/2015)	1445299200 (10/20/2015)
location	Website	Website	Website
type	Advisory	Advisory	Advisory
url	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
identifier	Oracle Critical Patch Update Advisory - October 2015	Oracle Critical Patch Update Advisory - October 2015	Oracle Critical Patch Update Advisory - October 2015
disputed	0	0	0
price_0day	$5k-$25k	$5k-$25k	$0-$5k
name	Upgrade	Upgrade	Upgrade
date	1445299200 (10/20/2015)	1445299200 (10/20/2015)	1445299200 (10/20/2015)
cve	CVE-2015-4913	CVE-2015-4913	CVE-2015-4913
cve_nvd_published	1445385600	1445385600	1445385600
cve_nvd_summary	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
oval_id	oval:org.cisecurity:def:300	oval:org.cisecurity:def:300	oval:org.cisecurity:def:300
securityfocus	77153	77153	77153
securityfocus_title	Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability	Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability	Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
vulnerabilitycenter	57853	57853	57853
vulnerabilitycenter_title	[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913	[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913	[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913
vulnerabilitycenter_severity	Low	Low	Low
vulnerabilitycenter_creationdate	1459468800	1459468800	1459468800
vulnerabilitycenter_lastupdate	1534896000	1534896000	1534896000
vulnerabilitycenter_reportingdate	1445385600	1445385600	1445385600
nessus_id	86580	86580	86580
nessus_name	Debian DSA-3377-1 : mysql-5.5 - security update	Debian DSA-3377-1 : mysql-5.5 - security update	Debian DSA-3377-1 : mysql-5.5 - security update
nessus_filename	debian_DSA-3377.nasl	debian_DSA-3377.nasl	debian_DSA-3377.nasl
nessus_risk	High	High	High
nessus_family	Debian Local Security Checks	Debian Local Security Checks	Debian Local Security Checks
nessus_type	local	local	local
nessus_date	1445817600 (10/26/2015)	1445817600 (10/26/2015)	1445817600 (10/26/2015)
openvas_id	703377	703377	703377
openvas_filename	deb_3377.nasl	deb_3377.nasl	deb_3377.nasl
openvas_title	Debian Security Advisory DSA 3377-1 (mysql-5.5 - security update)	Debian Security Advisory DSA 3377-1 (mysql-5.5 - security update)	Debian Security Advisory DSA 3377-1 (mysql-5.5 - security update)
openvas_family	Debian Local Security Checks	Debian Local Security Checks	Debian Local Security Checks
qualys_id	350019	350019	350019
qualys_title	Amazon Linux Security Advisory for mysql56: ALAS-2016-684	Amazon Linux Security Advisory for mysql56: ALAS-2016-684	Amazon Linux Security Advisory for mysql56: ALAS-2016-684
seealso	77628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 78634	77628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 78634	77628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 78634
cwe	404 (denial of service)	404 (denial of service)	404 (denial of service)
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	C	C	C
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
company_name		Oracle	Oracle
confirm_url		http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
cve_assigned		1435104000 (06/24/2015)	1435104000 (06/24/2015)
securityfocus_date		1445299200 (10/20/2015)	1445299200 (10/20/2015)
securityfocus_class		Unknown	Unknown
sectracker			1033894
cvss2_nvd_basescore			3.5

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!