CVE-2014-0437

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:N/I:N/A:P

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/102074	Broken Link
http://rhn.redhat.com/errata/RHSA-2014-0164.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0173.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0186.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0189.html	Third Party Advisory
http://secunia.com/advisories/56491	Not Applicable
http://secunia.com/advisories/56541	Not Applicable
http://secunia.com/advisories/56580	Not Applicable
http://security.gentoo.org/glsa/glsa-201409-04.xml	Third Party Advisory
http://ubuntu.com/usn/usn-2086-1	Third Party Advisory
http://www.debian.org/security/2014/dsa-2845	Third Party Advisory
http://www.debian.org/security/2014/dsa-2848	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	Vendor Advisory
http://www.securityfocus.com/bid/64758	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/64849	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90385	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:6.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 5 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

History

16 Sep 2022, 19:57

Information

Published : 2014-01-15 16:08

Updated : 2023-12-10 11:16

NVD link : CVE-2014-0437

Mitre link : CVE-2014-0437

CVE.ORG link : CVE-2014-0437

JSON object : View

Products Affected

redhat

enterprise_linux_server_tus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_eus

mariadb

mariadb

oracle

mysql

debian

debian_linux

canonical

ubuntu_linux

CWE

NVD-CWE-noinfo

Type	Values Removed	Values Added
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0164.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0164.html - Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/64758 -~~	(BID) http://www.securityfocus.com/bid/64758 - Third Party Advisory, VDB Entry
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0173.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0173.html - Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/56541 -~~	(SECUNIA) http://secunia.com/advisories/56541 - Not Applicable
References	~~(BID) http://www.securityfocus.com/bid/64849 -~~	(BID) http://www.securityfocus.com/bid/64849 - Third Party Advisory, VDB Entry
References	~~(SECUNIA) http://secunia.com/advisories/56491 -~~	(SECUNIA) http://secunia.com/advisories/56491 - Not Applicable
References	~~(DEBIAN) http://www.debian.org/security/2014/dsa-2848 -~~	(DEBIAN) http://www.debian.org/security/2014/dsa-2848 - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0186.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0186.html - Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/56580 -~~	(SECUNIA) http://secunia.com/advisories/56580 - Not Applicable
References	~~(UBUNTU) http://ubuntu.com/usn/usn-2086-1 -~~	(UBUNTU) http://ubuntu.com/usn/usn-2086-1 - Third Party Advisory
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/90385 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/90385 - Third Party Advisory, VDB Entry
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0189.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2014-0189.html - Third Party Advisory
References	~~(DEBIAN) http://www.debian.org/security/2014/dsa-2845 -~~	(DEBIAN) http://www.debian.org/security/2014/dsa-2845 - Third Party Advisory
References	~~(GENTOO) http://security.gentoo.org/glsa/glsa-201409-04.xml -~~	(GENTOO) http://security.gentoo.org/glsa/glsa-201409-04.xml - Third Party Advisory
References	~~(OSVDB) http://osvdb.org/102074 -~~	(OSVDB) http://osvdb.org/102074 - Broken Link
First Time		Redhat enterprise Linux Server Aus Redhat enterprise Linux Eus Redhat enterprise Linux Server Tus Canonical Redhat Redhat enterprise Linux Workstation Debian debian Linux Mariadb Canonical ubuntu Linux Debian Redhat enterprise Linux Server Mariadb mariadb Redhat enterprise Linux Desktop
CPE	cpe:2.3:a:oracle:mysql:5.1.36:::::::* cpe:2.3:a:oracle:mysql:5.1.69:::::::* cpe:2.3:a:oracle:mysql:5.5.11:::::::* cpe:2.3:a:oracle:mysql:5.1.30:::::::* cpe:2.3:a:oracle:mysql:5.1.52:sp1:::::: cpe:2.3:a:oracle:mysql:5.6.12:::::::* cpe:2.3:a:oracle:mysql:5.1.41:::::::* cpe:2.3:a:oracle:mysql:5.1.33:::::::* cpe:2.3:a:oracle:mysql:5.1.45:::::::* cpe:2.3:a:oracle:mysql:5.5.33:::::::* cpe:2.3:a:oracle:mysql:5.6.4:::::::* cpe:2.3:a:oracle:mysql:5.5.17:::::::* cpe:2.3:a:oracle:mysql:5.1.57:::::::* cpe:2.3:a:oracle:mysql:5.1.55:::::::* cpe:2.3:a:oracle:mysql:5.1.19:::::::* cpe:2.3:a:oracle:mysql:5.5.1:::::::* cpe:2.3:a:oracle:mysql:5.1.64:::::::* cpe:2.3:a:oracle:mysql:5.1.46:::::::* cpe:2.3:a:oracle:mysql:5.1.13:::::::* cpe:2.3:a:oracle:mysql:5.1.26:::::::* cpe:2.3:a:oracle:mysql:5.1.47:::::::* cpe:2.3:a:oracle:mysql:5.1.20:::::::* cpe:2.3:a:oracle:mysql:5.1.71:::::::* cpe:2.3:a:oracle:mysql:5.1.14:::::::* cpe:2.3:a:oracle:mysql:5.1.48:::::::* cpe:2.3:a:mysql:mysql:5.1.5:::::::* cpe:2.3:a:oracle:mysql:5.1.35:::::::* cpe:2.3:a:oracle:mysql:5.5.19:::::::* cpe:2.3:a:oracle:mysql:5.1.1:::::::* cpe:2.3:a:oracle:mysql:5.1.25:::::::* cpe:2.3:a:oracle:mysql:5.1.4:::::::* cpe:2.3:a:oracle:mysql:5.1.42:::::::* cpe:2.3:a:oracle:mysql:5.1.8:::::::* cpe:2.3:a:oracle:mysql:5.1.28:::::::* cpe:2.3:a:oracle:mysql:5.1.59:::::::* cpe:2.3:a:oracle:mysql:5.1.51:::::::* cpe:2.3:a:oracle:mysql:5.5.15:::::::* cpe:2.3:a:oracle:mysql:5.1.2:::::::* cpe:2.3:a:oracle:mysql:5.1.23:a:::::: cpe:2.3:a:oracle:mysql:5.1.60:::::::* cpe:2.3:a:oracle:mysql:5.1.39:::::::* cpe:2.3:a:oracle:mysql:5.5.31:::::::* cpe:2.3:a:oracle:mysql:5.5.28:::::::* cpe:2.3:a:oracle:mysql:5.6.10:::::::* cpe:2.3:a:oracle:mysql:5.5.30:::::::* cpe:2.3:a:oracle:mysql:5.5.3:::::::* cpe:2.3:a:oracle:mysql:5.6.6:::::::* cpe:2.3:a:oracle:mysql:5.5.6:::::::* cpe:2.3:a:oracle:mysql:5.6.11:::::::* cpe:2.3:a:oracle:mysql:5.5.22:::::::* cpe:2.3:a:oracle:mysql:5.1.9:::::::* cpe:2.3:a:oracle:mysql:5.1.29:::::::* cpe:2.3:a:oracle:mysql:5.1.10:::::::* cpe:2.3:a:oracle:mysql:5.1.66:::::::* cpe:2.3:a:mysql:mysql:5.1.32:::::::* cpe:2.3:a:oracle:mysql:5.1.46:sp1:::::: cpe:2.3:a:oracle:mysql:5.5.14:::::::* cpe:2.3:a:oracle:mysql:5.6.5:::::::* cpe:2.3:a:oracle:mysql:5.6.0:::::::* cpe:2.3:a:oracle:mysql:5.5.4:::::::* cpe:2.3:a:oracle:mysql:5.5.18:::::::* cpe:2.3:a:oracle:mysql:5.5.21:::::::* cpe:2.3:a:oracle:mysql:5.1.12:::::::* cpe:2.3:a:oracle:mysql:5.1.40:::::::* cpe:2.3:a:oracle:mysql:5.1.49:::::::* cpe:2.3:a:oracle:mysql:5.1.37:sp1:::::: cpe:2.3:a:oracle:mysql:5.1.16:::::::* cpe:2.3:a:oracle:mysql:5.5.24:::::::* cpe:2.3:a:oracle:mysql:5.1.34:sp1:::::: cpe:2.3:a:oracle:mysql:5.6.7:::::::* cpe:2.3:a:oracle:mysql:5.1.62:::::::* cpe:2.3:a:oracle:mysql:5.6.1:::::::* cpe:2.3:a:oracle:mysql:5.6.2:::::::* cpe:2.3:a:mysql:mysql:5.1.31:::::::* cpe:2.3:a:oracle:mysql:5.1.15:::::::* cpe:2.3:a:oracle:mysql:5.5.2:::::::* cpe:2.3:a:oracle:mysql:5.1.65:::::::* cpe:2.3:a:oracle:mysql:5.5.7:::::::* cpe:2.3:a:oracle:mysql:5.1.27:::::::* cpe:2.3:a:oracle:mysql:5.1.49:sp1:::::: cpe:2.3:a:oracle:mysql:5.6.8:::::::* cpe:2.3:a:oracle:mysql:5.5.25:::::::* cpe:2.3:a:oracle:mysql:5.1.43:::::::* cpe:2.3:a:oracle:mysql:5.5.26:::::::* cpe:2.3:a:oracle:mysql:5.1.68:::::::* cpe:2.3:a:oracle:mysql:5.1.54:::::::* cpe:2.3:a:oracle:mysql:5.5.9:::::::* cpe:2.3:a:oracle:mysql:5.5.12:::::::* cpe:2.3:a:oracle:mysql:5.5.32:::::::* cpe:2.3:a:oracle:mysql:5.5.0:::::::* cpe:2.3:a:oracle:mysql:5.1.40:sp1:::::: cpe:2.3:a:oracle:mysql:5.5.27:::::::* cpe:2.3:a:oracle:mysql:5.5.25:a:::::: cpe:2.3:a:mysql:mysql:5.1.34:::::::* cpe:2.3:a:oracle:mysql:5.1.31:sp1:::::: cpe:2.3:a:oracle:mysql:5.1.56:::::::* cpe:2.3:a:oracle:mysql:5.1.7:::::::* cpe:2.3:a:oracle:mysql:5.1.50:::::::* cpe:2.3:a:oracle:mysql:5.1.22:::::::* cpe:2.3:a:oracle:mysql:5.1.17:::::::* cpe:2.3:a:oracle:mysql:5.1.18:::::::* cpe:2.3:a:oracle:mysql:5.1:::::::* cpe:2.3:a:oracle:mysql:5.1.21:::::::* cpe:2.3:a:oracle:mysql:5.5.13:::::::* cpe:2.3:a:mysql:mysql:5.1.37:::::::* cpe:2.3:a:oracle:mysql:5.5.23:::::::* cpe:2.3:a:oracle:mysql:5.6.13:::::::* cpe:2.3:a:oracle:mysql:5.5.5:::::::* cpe:2.3:a:oracle:mysql:5.1.6:::::::* cpe:2.3:a:oracle:mysql:5.5.10:::::::* cpe:2.3:a:oracle:mysql:5.1.61:::::::* cpe:2.3:a:oracle:mysql:5.1.24:::::::* cpe:2.3:a:oracle:mysql:5.5.16:::::::* cpe:2.3:a:oracle:mysql:5.6.3:::::::* cpe:2.3:a:oracle:mysql:5.1.11:::::::* cpe:2.3:a:oracle:mysql:5.1.3:::::::* cpe:2.3:a:oracle:mysql:5.1.58:::::::* cpe:2.3:a:mysql:mysql:5.1.23:::::::* cpe:2.3:a:oracle:mysql:5.1.38:::::::* cpe:2.3:a:oracle:mysql:5.1.43:sp1:::::: cpe:2.3:a:oracle:mysql:5.6.9:::::::* cpe:2.3:a:oracle:mysql:5.5.29:::::::* cpe:2.3:a:oracle:mysql:5.1.67:::::::* cpe:2.3:a:oracle:mysql:5.1.53:::::::* cpe:2.3:a:oracle:mysql:5.1.63:::::::* cpe:2.3:a:oracle:mysql:5.1.70:::::::* cpe:2.3:a:oracle:mysql:5.5.20:::::::* cpe:2.3:a:oracle:mysql:5.1.44:::::::* cpe:2.3:a:oracle:mysql:5.1.52:::::::*	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::* cpe:2.3:a:mariadb:mariadb:::::::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

3.5 /10