Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <entry id="CVE-2014-0001">
- <vuln:vulnerable-configuration id="http://www.nist.gov/">
- <cpe-lang:logical-test negate="false" operator="OR">
- <cpe-lang:fact-ref name="cpe:/a:oracle:mysql:-"/>
- <cpe-lang:fact-ref name="cpe:/a:mariadb:mariadb:5.5.34"/>
- </cpe-lang:logical-test>
- </vuln:vulnerable-configuration>
- <vuln:vulnerable-software-list>
- <vuln:product>cpe:/a:mariadb:mariadb:5.5.34</vuln:product>
- <vuln:product>cpe:/a:oracle:mysql:-</vuln:product>
- </vuln:vulnerable-software-list>
- <vuln:cve-id>CVE-2014-0001</vuln:cve-id>
- <vuln:published-datetime>2014-01-31T18:55:04.503-05:00</vuln:published-datetime>
- <vuln:last-modified-datetime>2014-05-05T01:31:23.107-04:00</vuln:last-modified-datetime>
- <vuln:cvss>
- <cvss:base_metrics>
- <cvss:score>7.5</cvss:score>
- <cvss:access-vector>NETWORK</cvss:access-vector>
- <cvss:access-complexity>LOW</cvss:access-complexity>
- <cvss:authentication>NONE</cvss:authentication>
- <cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
- <cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
- <cvss:availability-impact>PARTIAL</cvss:availability-impact>
- <cvss:source>http://nvd.nist.gov</cvss:source>
- <cvss:generated-on-datetime>2014-02-03T11:10:48.857-05:00</cvss:generated-on-datetime>
- </cvss:base_metrics>
- </vuln:cvss>
- <vuln:cwe id="CWE-119"/>
- <vuln:references xml:lang="en" reference_type="PATCH">
- <vuln:source>CONFIRM</vuln:source>
- <vuln:reference href="http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64" xml:lang="en">http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>CONFIRM</vuln:source>
- <vuln:reference href="https://mariadb.com/kb/en/mariadb-5535-changelog/" xml:lang="en">https://mariadb.com/kb/en/mariadb-5535-changelog/</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>CONFIRM</vuln:source>
- <vuln:reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1054592" xml:lang="en">https://bugzilla.redhat.com/show_bug.cgi?id=1054592</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>OSVDB</vuln:source>
- <vuln:reference href="http://www.osvdb.org/102714" xml:lang="en">102714</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>MANDRIVA</vuln:source>
- <vuln:reference href="http://www.mandriva.com/security/advisories?name=MDVSA-2014:029" xml:lang="en">MDVSA-2014:029</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>REDHAT</vuln:source>
- <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2014-0189.html" xml:lang="en">RHSA-2014:0189</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>REDHAT</vuln:source>
- <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2014-0186.html" xml:lang="en">RHSA-2014:0186</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>REDHAT</vuln:source>
- <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2014-0173.html" xml:lang="en">RHSA-2014:0173</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>REDHAT</vuln:source>
- <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2014-0164.html" xml:lang="en">RHSA-2014:0164</vuln:reference>
- </vuln:references>
- <vuln:references xml:lang="en" reference_type="UNKNOWN">
- <vuln:source>OSVDB</vuln:source>
- <vuln:reference href="http://osvdb.org/102713" xml:lang="en">102713</vuln:reference>
- </vuln:references>
- <vuln:summary>Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.</vuln:summary>
- </entry>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement