Vulnerability Description
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Mysql | >= 5.5.0, <= 5.5.37 |
| Vmware | Vcenter Server Appliance | 5.0 |
| Oracle | Solaris | 11.3 |
| Opensuse Project | Suse Linux Enterprise Desktop | 11.0 |
| Opensuse Project | Suse Linux Enterprise Server | 11.0 |
| Opensuse Project | Suse Linux Enterprise Software Development Kit | 11.0 |
| Debian | Debian Linux | 7.0 |
| Mariadb | Mariadb | >= 5.5.0, < 5.5.38 |
| Suse | Linux Enterprise Desktop | 11 |
| Suse | Linux Enterprise Server | 11 |
| Suse | Linux Enterprise Software Development Kit | 11 |
| Suse | Linux Enterprise Workstation Extension | 12 |
References
- http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2014/Dec/23Mailing ListThird Party Advisory
- http://secunia.com/advisories/60425Not Applicable
- http://www.debian.org/security/2014/dsa-2985Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlVendor Advisory
- http://www.securityfocus.com/archive/1/534161/100/0/threadedThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/68564Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1030578Broken LinkThird Party AdvisoryVDB Entry
- http://www.vmware.com/security/advisories/VMSA-2014-0012.htmlThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94620Third Party AdvisoryVDB Entry
- http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2014/Dec/23Mailing ListThird Party Advisory
FAQ
What is CVE-2014-4258?
CVE-2014-4258 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availabili...
How severe is CVE-2014-4258?
CVE-2014-4258 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4258?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Vmware Vcenter Server Appliance, Oracle Solaris, Opensuse Project Suse Linux Enterprise Desktop, Opensuse Project Suse Linux Enterprise Server.