Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Oracle
  • Solaris
  • Mysql
  • Linux
Redhat
  • Enterprise Linux
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Eus
  • Enterprise Linux Desktop
  • Enterprise Linux Hpc Node Eus
  • Enterprise Linux Hpc Node
  • Enterprise Linux Workstation
  • Enterprise Linux Server
Opensuse
  • Leap
  • Opensuse
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Mariadb
  • Mariadb

Configuration 1 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 8 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 9 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0534.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0705.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1480.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1481.html Third Party Advisory
http://www.debian.org/security/2016/dsa-3453 Patch Third Party Advisory
http://www.debian.org/security/2016/dsa-3459 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html Vendor Advisory
http://www.securityfocus.com/bid/81066 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034708 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2881-1 Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1132 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1301493 Issue Tracking Third Party Advisory
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html Vendor Advisory
https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html Vendor Advisory
https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f Third Party Advisory
https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ Vendor Advisory
https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ Vendor Advisory
https://mariadb.com/kb/en/mdb-10023-rn/ Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2016-01-21T02:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2015-12-09T00:00:00

Link: CVE-2016-0546

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2016-01-21T03:01:33.983

Modified: 2019-12-27T16:08:55.810

Link: CVE-2016-0546

JSON object: View

cve-icon Redhat Information

No data.

CWE