CVE-2013-1861
Vulnerability from cvelistv5
Published
2013-03-28 23:00
Modified
2024-08-06 15:20
Severity ?
Summary
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
References
secalert@redhat.comhttp://lists.askmonty.org/pipermail/commits/2013-March/004371.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-08/msg00024.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-09/msg00008.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://seclists.org/oss-sec/2013/q1/671Mailing List, Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/52639Not Applicable
secalert@redhat.comhttp://secunia.com/advisories/54300Not Applicable
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-201409-04.xmlThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2818Third Party Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.htmlThird Party Advisory
secalert@redhat.comhttp://www.osvdb.org/91415Broken Link
secalert@redhat.comhttp://www.securityfocus.com/bid/58511Exploit, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1909-1Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=919247Issue Tracking, Third Party Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/82895Third Party Advisory, VDB Entry
secalert@redhat.comhttps://mariadb.atlassian.net/browse/MDEV-4252Broken Link
af854a3a-2127-422b-91ae-364da2661108http://lists.askmonty.org/pipermail/commits/2013-March/004371.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2013/q1/671Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52639Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/54300Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201409-04.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2818Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/91415Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/58511Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1909-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=919247Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/82895Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://mariadb.atlassian.net/browse/MDEV-4252Broken Link
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:20:35.199Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "54300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54300"
          },
          {
            "name": "DSA-2818",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2818"
          },
          {
            "name": "[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2013/q1/671"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
          },
          {
            "name": "mysql-mariadb-cve20131861-dos(82895)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82895"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://mariadb.atlassian.net/browse/MDEV-4252"
          },
          {
            "name": "52639",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52639"
          },
          {
            "name": "openSUSE-SU-2013:1335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
          },
          {
            "name": "58511",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58511"
          },
          {
            "name": "USN-1909-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1909-1"
          },
          {
            "name": "SUSE-SU-2013:1390",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
          },
          {
            "name": "[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.askmonty.org/pipermail/commits/2013-March/004371.html"
          },
          {
            "name": "openSUSE-SU-2013:1410",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
          },
          {
            "name": "91415",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/91415"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919247"
          },
          {
            "name": "SUSE-SU-2013:1529",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
          },
          {
            "name": "GLSA-201409-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "54300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54300"
        },
        {
          "name": "DSA-2818",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2818"
        },
        {
          "name": "[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2013/q1/671"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
        },
        {
          "name": "mysql-mariadb-cve20131861-dos(82895)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82895"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://mariadb.atlassian.net/browse/MDEV-4252"
        },
        {
          "name": "52639",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52639"
        },
        {
          "name": "openSUSE-SU-2013:1335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
        },
        {
          "name": "58511",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58511"
        },
        {
          "name": "USN-1909-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1909-1"
        },
        {
          "name": "SUSE-SU-2013:1390",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
        },
        {
          "name": "[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.askmonty.org/pipermail/commits/2013-March/004371.html"
        },
        {
          "name": "openSUSE-SU-2013:1410",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
        },
        {
          "name": "91415",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/91415"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919247"
        },
        {
          "name": "SUSE-SU-2013:1529",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
        },
        {
          "name": "GLSA-201409-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-1861",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "54300",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54300"
            },
            {
              "name": "DSA-2818",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2818"
            },
            {
              "name": "[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld",
              "refsource": "MLIST",
              "url": "http://seclists.org/oss-sec/2013/q1/671"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
            },
            {
              "name": "mysql-mariadb-cve20131861-dos(82895)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82895"
            },
            {
              "name": "https://mariadb.atlassian.net/browse/MDEV-4252",
              "refsource": "CONFIRM",
              "url": "https://mariadb.atlassian.net/browse/MDEV-4252"
            },
            {
              "name": "52639",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/52639"
            },
            {
              "name": "openSUSE-SU-2013:1335",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
            },
            {
              "name": "58511",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58511"
            },
            {
              "name": "USN-1909-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1909-1"
            },
            {
              "name": "SUSE-SU-2013:1390",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
            },
            {
              "name": "[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/",
              "refsource": "MLIST",
              "url": "http://lists.askmonty.org/pipermail/commits/2013-March/004371.html"
            },
            {
              "name": "openSUSE-SU-2013:1410",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
            },
            {
              "name": "91415",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/91415"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=919247",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919247"
            },
            {
              "name": "SUSE-SU-2013:1529",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
            },
            {
              "name": "GLSA-201409-04",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-1861",
    "datePublished": "2013-03-28T23:00:00",
    "dateReserved": "2013-02-19T00:00:00",
    "dateUpdated": "2024-08-06T15:20:35.199Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-1861\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-03-28T23:55:01.763\",\"lastModified\":\"2024-11-21T01:50:32.567\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.\"},{\"lang\":\"es\",\"value\":\"MariaDB 5.5.x en versiones anteriores a 5.5.30, 5.3.x en versiones anteriores a 5.3.13, 5.2.x en versiones anteriores a 5.2.15 y 5.1.x en versiones anteriores a 5.1.68 y Oracle MySQL 5.1.69 y versiones anteriores, 5.5.31 y versiones anteriores y 5.6.11 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una funcionalidad de geometr\u00eda manipulada que especifica un gran n\u00famero de puntos, que no es apropiadamente manipulada cuando se procesa la representaci\u00f3n binaria de esta funcionalidad, relacionado con un error de c\u00e1lculo num\u00e9rico.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.5.32\",\"matchCriteriaId\":\"3CD04090-8460-4E38-9640-DC7B359A340F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.4\",\"matchCriteriaId\":\"5E9A4370-E2AF-407E-9CDF-5935AECE7C4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.1.0\",\"versionEndIncluding\":\"5.1.69\",\"matchCriteriaId\":\"93A093F4-5A43-4AF6-955A-3280C27D478F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndIncluding\":\"5.5.31\",\"matchCriteriaId\":\"A73500AE-1FEC-4D0D-A49D-0B2C8B6D5A47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.6.0\",\"versionEndIncluding\":\"5.6.11\",\"matchCriteriaId\":\"D9B43CE7-D424-47A9-BBA4-230FD4839973\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.5.32\",\"matchCriteriaId\":\"3CD04090-8460-4E38-9640-DC7B359A340F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.4\",\"matchCriteriaId\":\"5E9A4370-E2AF-407E-9CDF-5935AECE7C4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFAA48D9-BEB4-4E49-AD50-325C262D46D9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D806A17E-B8F9-466D-807D-3F1E77603DC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED68ADD-BBDA-4485-BC76-58F011D72311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"}]}]}],\"references\":[{\"url\":\"http://lists.askmonty.org/pipermail/commits/2013-March/004371.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/oss-sec/2013/q1/671\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/52639\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/54300\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201409-04.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2818\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.osvdb.org/91415\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/58511\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1909-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=919247\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82895\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://mariadb.atlassian.net/browse/MDEV-4252\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.askmonty.org/pipermail/commits/2013-March/004371.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/oss-sec/2013/q1/671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/52639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/54300\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201409-04.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2818\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.osvdb.org/91415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/58511\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1909-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=919247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82895\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://mariadb.atlassian.net/browse/MDEV-4252\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.