CVE-2016-1251

{"id": "CVE-2016-1251", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2016-11-29T20:59:00.170", "references": [{"url": "http://www.openwall.com/lists/oss-security/2016/11/28/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/bid/94573", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "security@debian.org"}, {"url": "https://security.gentoo.org/glsa/201701-51", "source": "security@debian.org"}, {"url": "https://tracker.debian.org/news/819888", "tags": ["Third Party Advisory"], "source": "security@debian.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1."}, {"lang": "es", "value": "Existe una vulnerabilidad de tipo uso despu\u00e9s de liberaci\u00f3n de memoria afectando a DBD::mysql (tambi\u00e9n conocido como DBD-mysql o el controlador Database Interface (DBI) MySQL para Perl) 3.x y 4.x en versiones anteriores a 4.041 cuando se usa con mysql_server_prepare=1."}], "lastModified": "2017-07-01T01:29:33.267", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0000_0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A5D59D2-7D0E-41D7-B15C-D412716F1662"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06E53A50-7658-4BF4-B3BB-014D4D00CD56"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3D81109-EDB9-47D4-B0CC-A71195A39709"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0001_3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CA33576-D1DF-4106-9929-C2482D6C2034"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D97E779-B23A-432C-B832-1DCBB99B4A72"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CF388AF-E0B9-471D-91D5-7840CD009B35"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "570B852E-1CD8-4671-84A8-5414CE3E6773"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B934765F-4B26-42E1-A7C7-6AF3C1D390DE"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0002_5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB6F3F92-EC7E-4AD7-A497-364B938E915A"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0003_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFCBD8B5-4144-4F6F-BC0D-491D7BA17857"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0004_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36F3476F-0ED2-4196-ADEC-6D611172E055"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F454E8C5-E326-4413-9CE6-B4E222C3F5A4"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0005_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE670AC4-0B5F-4700-94D9-B4F948A4A710"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0007_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7A3EBB4-E5BF-4D2E-A03D-CF616205A667"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0008_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57376B91-8F48-42A6-9E13-2B05499F6CED"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:3.0009_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8522692F-F52D-4542-A742-C10864F9D382"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47DA41EC-4385-4393-8778-C8CABCE9B17D"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E0E72A6-B0EC-4DCF-A1DC-846D559530BB"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF762FDD-0958-42D8-9180-7263D1710179"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6A29C41-B868-4D66-86FD-39AA932582ED"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30DE9498-ECA5-4817-9E9D-5BF6F28E0B97"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D889E422-F557-457C-9B40-DDAAF0C36F58"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9421E26B-0B67-451E-BFB3-754616C72581"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C71E399D-BDF6-4CF2-B94A-C3CF5057A478"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57096741-346E-425D-B6A4-D6B85670B67F"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.009:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9728447-CD4B-4446-B639-DECFF61698D0"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.010:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2F3B551-B0F3-421B-993E-0FA5A93FFA26"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.011:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C62B9D09-B9F2-4A8D-8961-67CFEBE5A8A0"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.012:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E633E4C-5A1D-4F71-A9EB-98FAD8B7A6C3"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.013:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA41340C-395A-4340-83EE-DF5DB2C6E7B7"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.014:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A213F4F9-7117-4E26-8E54-D4EEB992CADC"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9870F6F-F5E4-4CF4-BD36-B852E9DF2BF0"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.016:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D9AB8C1-C8AB-4B8E-994A-C326DBAA0E8B"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.017:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C79BED25-D6C7-49B5-B259-CE85958E699D"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.018:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA2E8485-0016-418E-93D4-B966723BE7F5"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.019:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB87D62-FE94-4ED2-9A40-CCD66E0D4FF9"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.020:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "722F41AF-A845-48B1-8369-C237802B0F75"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.021:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A030DC2-0339-46A8-812E-14462645A19A"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.022:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF8092DC-4917-49AA-8F14-298D074CA0F2"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.023:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBA7D382-C3CF-4708-878B-43A7A29775DF"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.024:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E6471E7-B024-4DA2-80DA-4DD4596D21F8"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.025:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75B893A9-DD2E-4EA1-AA60-CE8CE06731A5"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B9464F0-7DF4-4807-8995-FAC8186CE250"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.027:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F39AD7FA-24A5-4BF3-A4F5-7F1A286DE9B1"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.028:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB93BC1-3D5E-4383-8A53-5B9F8377B6EB"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.029:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC53E73-4B33-4AFD-8AA2-D660C6D4C24F"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.030_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA37141F-F70B-4C27-A2B5-18D0F41C95B9"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.030_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC2D4C74-0A14-400F-8C7A-BB2277FDD9AA"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.031:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B7ED4CE-1576-4B7A-85E5-17A8EC23842B"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F06CB782-ED43-4921-A539-4B4594600C01"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4FE24CE-C089-4E93-819B-3C1877611B5D"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78BAFED8-F273-4A1C-8DE1-26B689CB9EFA"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.032_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42F8A84B-C606-4082-86B1-2088DE9A03D0"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "855C6840-C1EF-4112-B3C9-6B742D593EBA"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A613F823-D304-4C51-B904-2918E566CAAB"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5A5607D-8AC4-44F5-B99A-B60ADF2E7EDB"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.033_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F283A26E-C7A8-4CD8-97B1-E42D2E5B752D"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.034:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CB4FD17-2403-4706-8587-7B5014CBFA1D"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49162A04-1D50-492E-82E4-4182E3D19462"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E489128-1686-4158-9E50-98BD316C8346"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A527AB84-A00B-485B-BE46-8A108FC2FFB5"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.035_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "819AFBF6-DF4E-4230-99EF-2284068392A0"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.036:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D10258EC-F083-48A6-BAC9-BBB5F0266D80"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.037:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21982316-2511-4BD4-9B83-8E29BDBF6AF3"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.037_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79851BA3-BB2C-4486-A58F-86208720DAD1"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.038:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7196E24B-8019-446E-AC48-A536DBE99888"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.038_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52005E5-87BE-4668-AD83-040BFB30AF77"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.039:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E8C2A12-41F9-4D12-A278-FB32E45B7FE9"}, {"criteria": "cpe:2.3:a:dbd-mysql_project:dbd-mysql:4.040:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DEF0815-D607-47F9-AE72-6ACB20C4C46B"}], "operator": "OR"}]}], "sourceIdentifier": "security@debian.org"}