CVE-2016-0640
Published on: 04/21/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:13 PM UTC
Certain versions of Debian Linux from Debian contain the following vulnerability:
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
- CVE-2016-0640 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.1 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
LOCAL | LOW | LOW | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | NONE | LOW | HIGH |
CVSS2 Score: 4.9 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
[security-announce] SUSE-SU-2016:1619-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
Oracle Critical Patch Update Advisory - April 2016 | Patch Vendor Advisory www.oracle.com text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
Debian -- Security Information -- DSA-3595-1 mariadb-10.0 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
Debian -- Security Information -- DSA-3557-1 mysql-5.5 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
[security-announce] openSUSE-SU-2016:1664-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
Oracle Linux Bulletin - July 2016 | Vendor Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
[security-announce] SUSE-SU-2016:1279-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
[security-announce] SUSE-SU-2016:1620-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
[security-announce] openSUSE-SU-2016:1686-1: important: Security update | Third Party Advisory lists.opensuse.org text/html |
![]() |
MariaDB 10.1.12 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
MariaDB 5.5.48 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
MySQL Multiple Bugs Let Remote Users Access and Modify Data and Deny Service and Let Remote and Remote Authenticated Users Gain Elevated Privileges - SecurityTracker | Third Party Advisory VDB Entry www.securitytracker.com text/html |
![]() |
USN-2953-1: MySQL vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory access.redhat.com text/html |
![]() |
Security Bulletin: Multiple vulnerabilities in mariadb affect PowerKVM | Third Party Advisory www-01.ibm.com text/html |
![]() |
Oracle MySQL CVE-2016-0640 Remote Security Vulnerability | Third Party Advisory VDB Entry cve.report (archive) text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
[security-announce] openSUSE-SU-2016:1332-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
MariaDB 10.0.24 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Application | Ibm | Powerkvm | 2.1 | All | All | All |
Application | Ibm | Powerkvm | 3.1 | All | All | All |
Application | Ibm | Powerkvm | 2.1 | All | All | All |
Application | Ibm | Powerkvm | 3.1 | All | All | All |
Application | Mariadb | Mariadb | All | All | All | All |
Application | Mariadb | Mariadb | All | All | All | All |
Operating System | Opensuse | Leap | 42.1 | All | All | All |
Operating System | Opensuse | Leap | 42.1 | All | All | All |
Operating System | Oracle | Linux | 7 | All | All | All |
Operating System | Oracle | Linux | 7 | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*:
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE