CVE-2015-4819 — HIGH (7.2) — White Hats Nepal

Q: How severe is CVE-2015-4819?

CVE-2015-4819 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-4819?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Oracle Linux, Oracle Solaris, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Hpc Node.

Vulnerability Description

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Oracle	Mysql	>= 5.5.0, <= 5.5.44
Oracle	Linux	7
Oracle	Solaris	11.3
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Hpc Node	7.0
Redhat	Enterprise Linux Hpc Node Eus	7.2
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server Aus	7.2
Redhat	Enterprise Linux Server Eus	7.2
Redhat	Enterprise Linux Workstation	5.0
Mariadb	Mariadb	>= 5.5.0, < 5.5.45
Debian	Debian Linux	7.0
Fedoraproject	Fedora	23
Canonical	Ubuntu Linux	12.04

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.hMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1628.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0534.htmlBroken LinkThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1481.htmlThird Party Advisory
http://www.debian.org/security/2015/dsa-3377Third Party Advisory
http://www.debian.org/security/2015/dsa-3385Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlPatchVendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.hVendor Advisory
http://www.securityfocus.com/bid/77196Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1033894Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2781-1Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1132Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.hMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1628.htmlThird Party Advisory

FAQ

What is CVE-2015-4819?

CVE-2015-4819 is a vulnerability with a CVSS score of 7.2 (HIGH). Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Cl...

How severe is CVE-2015-4819?

CVE-2015-4819 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4819?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Oracle Linux, Oracle Solaris, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Hpc Node.