VDB-78695 · CVE-2015-4913 · BID 77153

Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service

A vulnerability was found in Oracle MySQL Server up to 5.5.45/5.6.26 (Database Software). It has been rated as problematic. This issue affects an unknown functionality of the component DML. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field10/21/2015 12:52 PM02/03/2019 10:31 AM06/23/2022 04:37 PM
typeDatabase SoftwareDatabase SoftwareDatabase Software
vendorOracleOracleOracle
nameMySQL ServerMySQL ServerMySQL Server
version<=5.5.45/5.6.26<=5.5.45/5.6.26<=5.5.45/5.6.26
componentDMLDMLDML
risk111
cvss2_vuldb_basescore3.53.53.5
cvss2_vuldb_tempscore3.03.03.0
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auSSS
cvss2_nvd_ciNNN
cvss2_nvd_iiNNN
cvss2_nvd_aiPPP
cvss3_meta_basescore4.34.34.3
cvss3_meta_tempscore4.14.14.1
cvss3_vuldb_basescore4.34.34.3
cvss3_vuldb_tempscore4.14.14.1
date1445299200 (10/20/2015)1445299200 (10/20/2015)1445299200 (10/20/2015)
locationWebsiteWebsiteWebsite
typeAdvisoryAdvisoryAdvisory
urlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
identifierOracle Critical Patch Update Advisory - October 2015Oracle Critical Patch Update Advisory - October 2015Oracle Critical Patch Update Advisory - October 2015
disputed000
price_0day$5k-$25k$5k-$25k$0-$5k
nameUpgradeUpgradeUpgrade
date1445299200 (10/20/2015)1445299200 (10/20/2015)1445299200 (10/20/2015)
cveCVE-2015-4913CVE-2015-4913CVE-2015-4913
cve_nvd_published144538560014453856001445385600
cve_nvd_summaryUnspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
oval_idoval:org.cisecurity:def:300oval:org.cisecurity:def:300oval:org.cisecurity:def:300
securityfocus771537715377153
securityfocus_titleOracle MySQL Server CVE-2015-4913 Remote Security VulnerabilityOracle MySQL Server CVE-2015-4913 Remote Security VulnerabilityOracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
vulnerabilitycenter578535785357853
vulnerabilitycenter_title[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913[cpuoct2015-2367953-MySQL] Oracle MySQL Remote DoS in DML Server - CVE-2015-4913
vulnerabilitycenter_severityLowLowLow
vulnerabilitycenter_creationdate145946880014594688001459468800
vulnerabilitycenter_lastupdate153489600015348960001534896000
vulnerabilitycenter_reportingdate144538560014453856001445385600
nessus_id865808658086580
nessus_nameDebian DSA-3377-1 : mysql-5.5 - security updateDebian DSA-3377-1 : mysql-5.5 - security updateDebian DSA-3377-1 : mysql-5.5 - security update
nessus_filenamedebian_DSA-3377.nasldebian_DSA-3377.nasldebian_DSA-3377.nasl
nessus_riskHighHighHigh
nessus_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
nessus_typelocallocallocal
nessus_date1445817600 (10/26/2015)1445817600 (10/26/2015)1445817600 (10/26/2015)
openvas_id703377703377703377
openvas_filenamedeb_3377.nasldeb_3377.nasldeb_3377.nasl
openvas_titleDebian Security Advisory DSA 3377-1 (mysql-5.5 - security update)Debian Security Advisory DSA 3377-1 (mysql-5.5 - security update)Debian Security Advisory DSA 3377-1 (mysql-5.5 - security update)
openvas_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
qualys_id350019350019350019
qualys_titleAmazon Linux Security Advisory for mysql56: ALAS-2016-684Amazon Linux Security Advisory for mysql56: ALAS-2016-684Amazon Linux Security Advisory for mysql56: ALAS-2016-684
seealso77628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 7863477628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 7863477628 78614 78643 78622 78621 78620 78619 78618 78617 78624 78615 78625 78613 78612 78611 78610 78609 78608 78607 78616 78633 78552 78641 78640 78639 78638 78637 78636 78623 78634
cwe404 (denial of service)404 (denial of service)404 (denial of service)
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
company_nameOracleOracle
confirm_urlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
cve_assigned1435104000 (06/24/2015)1435104000 (06/24/2015)
securityfocus_date1445299200 (10/20/2015)1445299200 (10/20/2015)
securityfocus_classUnknownUnknown
sectracker1033894
cvss2_nvd_basescore3.5

Want to stay up to date on a daily basis?

Enable the mail alert feature now!