CVE-2015-2576 - OpenCVE

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Linux Enterprise Desktop Linux Enterprise Server Linux Enterprise Software Development Kit
Oracle	Mysql

Configuration 1 [-]

OR	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:::::*
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::

Configuration 2 [-]

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html	Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	Patch Vendor Advisory
http://www.securitytracker.com/id/1032121	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2015-04-16T16:00:00

Updated: 2016-12-30T16:57:01

Reserved: 2015-03-20T00:00:00

Link: CVE-2015-2576

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-04-16T17:00:07.987

Modified: 2017-01-03T18:39:30.163

Link: CVE-2015-2576

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "1032121", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032121"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "SUSE-SU-2015:0946", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2015-2576", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1032121", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032121"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "SUSE-SU-2015:0946", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2015-2576", "datePublished": "2015-04-16T16:00:00", "dateReserved": "2015-03-20T00:00:00", "dateUpdated": "2016-12-30T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:vmware:*:*:*:*:*", "matchCriteriaId": "3A0D502F-9D9C-4D97-B030-141DDE88D4CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "21496EFF-4F41-465C-9B40-96CEB988370D", "versionEndIncluding": "1.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente MySQL Utilities en Oracle MySQL 1.5.1 y anteriores, cuando funciona en Windows, permite a usuarios locales afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con la instalaci\u00f3n."}], "evaluatorComment": "Per Oracle: This vulnerability is only applicable on Windows operating system (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)", "id": "CVE-2015-2576", "lastModified": "2017-01-03T18:39:30.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-16T17:00:07.987", "references": [{"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032121"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}