CVE-2014-4260

Published: Jul 17, 2014Modified: May 6, 2026

5.5

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploitability: 8.0 / Impact: 4.9

Source: NVD

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

Affected (14)

Products: Oracle: Mysql, Solaris · Debian: Debian Linux · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit, Linux Enterprise Workstation Extension · +1 more

Show all products

Oracle: Mysql, Solaris · Debian: Debian Linux · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit, Linux Enterprise Workstation Extension · Mariadb: Mariadb

2 products

1 product

4 products

Linux Enterprise Desktop

Linux Enterprise Server

Linux Enterprise Software Development Kit

Linux Enterprise Workstation Extension

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Mysql	From 5.5.0 to 5.5.37
Oracle Mysql	From 5.6.0 to 5.6.17

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Solaris	Version 11.3

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0

Configuration D

8 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Desktop	Version 11 sp3
Suse Linux Enterprise Desktop	Version 12
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 12
Suse Linux Enterprise Software Development Kit	Version 11 sp3
Suse Linux Enterprise Software Development Kit	Version 12
Suse Linux Enterprise Workstation Extension	Version 12

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Mariadb Mariadb	From 10.0.0 to 10.0.12
Mariadb Mariadb	From 5.5.0 to 5.5.38

References (24)

http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html

Source: secalert_us@oracle.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

Source: secalert_us@oracle.com

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2014/Dec/23

Source: secalert_us@oracle.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/60425

Source: secalert_us@oracle.com

Not Applicable

http://www.debian.org/security/2014/dsa-2985

Source: secalert_us@oracle.com

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/68573

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030578

Source: secalert_us@oracle.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: secalert_us@oracle.com

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/94621

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2014/Dec/23

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/60425

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

http://www.debian.org/security/2014/dsa-2985

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/68573

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030578

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/94621

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.