There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Dbd-mysql Project
  • Dbd-mysql

Configuration 1 [-]

OR cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0000_0:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_2:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_3:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_2:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_3:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_4:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_5:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0003_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0004_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0005:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0005_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0007_2:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0008_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0009_1:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.00:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.001:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.002:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.003:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.004:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.005:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.006:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.007:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.008:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.009:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.010:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.011:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.012:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.013:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.014:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.015:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.016:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.017:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.018:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.019:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.020:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.021:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.022:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.023:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.024:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.025:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.026:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.027:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.028:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.029:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.030_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.030_02:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.031:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_02:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_03:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_02:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_03:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.034:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_02:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_03:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.036:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.037:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.037_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.038:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.038_01:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.039:*:*:*:*:*:*:*
cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.040:*:*:*:*:*:*:*
References
Link Resource
http://www.openwall.com/lists/oss-security/2016/11/28/2 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/94573 Third Party Advisory VDB Entry
https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1 Issue Tracking Patch Third Party Advisory
https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1 Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201701-51
https://tracker.debian.org/news/819888 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: debian

Published: 2016-11-29T20:00:00

Updated: 2017-06-30T16:57:01

Reserved: 2015-12-27T00:00:00

Link: CVE-2016-1251

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-11-29T20:59:00.170

Modified: 2017-07-01T01:29:33.267

Link: CVE-2016-1251

JSON object: View

cve-icon Redhat Information

No data.

CWE