Vulnerability Description
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Mysql | >= 5.5.0, <= 5.5.36 |
| Oracle | Solaris | 11.3 |
| Mariadb | Mariadb | >= 5.5.0, < 5.5.37 |
| Redhat | Enterprise Linux Desktop | 5.0 |
| Redhat | Enterprise Linux Eus | 7.3 |
| Redhat | Enterprise Linux Server | 5.0 |
| Redhat | Enterprise Linux Server Aus | 7.3 |
| Redhat | Enterprise Linux Server Tus | 7.3 |
| Redhat | Enterprise Linux Workstation | 5.0 |
References
- http://rhn.redhat.com/errata/RHSA-2014-0522.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0536.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0537.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0702.htmlThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201409-04.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlVendor Advisory
- http://www.securityfocus.com/bid/66896Third Party AdvisoryVDB Entry
- http://rhn.redhat.com/errata/RHSA-2014-0522.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0536.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0537.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0702.htmlThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201409-04.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlVendor Advisory
FAQ
What is CVE-2014-2436?
CVE-2014-2436 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related ...
How severe is CVE-2014-2436?
CVE-2014-2436 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2436?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Oracle Solaris, Mariadb Mariadb, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus.