CVE-2016-1246

MEDIUM

Description

Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.

References

http://blogs.perl.org/users/mike_b/2016/10/security-release---buffer-overflow-in-dbdmysql-perl-library.html

http://www.debian.org/security/2016/dsa-3684

http://www.securityfocus.com/bid/93337

https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2

https://security.gentoo.org/glsa/201701-51

Details

Source: MITRE

Published: 2016-10-05

Updated: 2017-11-13

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:dbd-mysql_project:dbd-mysql:*:*:*:*:*:*:*:*

OR

cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (15 total)

IDNameProductFamilySeverity
147446EulerOS Virtualization 3.0.2.6 : perl-DBD-MySQL (EulerOS-SA-2021-1447)NessusHuawei Local Security Checks
high
147064EulerOS Virtualization 3.0.6.6 : perl-DBD-MySQL (EulerOS-SA-2021-1509)NessusHuawei Local Security Checks
high
146760EulerOS 2.0 SP2 : perl-DBD-MySQL (EulerOS-SA-2021-1343)NessusHuawei Local Security Checks
high
146116EulerOS 2.0 SP5 : perl-DBD-MySQL (EulerOS-SA-2021-1223)NessusHuawei Local Security Checks
high
145117EulerOS 2.0 SP3 : perl-DBD-MySQL (EulerOS-SA-2021-1108)NessusHuawei Local Security Checks
high
96711openSUSE Security Update : perl-DBD-mysql (openSUSE-2017-130)NessusSuSE Local Security Checks
medium
96686GLSA-201701-51 : DBD::mysql: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
96528SUSE SLES12 Security Update : perl-DBD-mysql (SUSE-SU-2017:0123-1)NessusSuSE Local Security Checks
medium
96527SUSE SLES11 Security Update : perl-DBD-mysql (SUSE-SU-2017:0122-1)NessusSuSE Local Security Checks
medium
94834Fedora 25 : perl-DBD-MySQL (2016-9273c6809c)NessusFedora Local Security Checks
medium
94187Fedora 23 : perl-DBD-MySQL (2016-c0f589bd32)NessusFedora Local Security Checks
medium
94076Debian DLA-656-1 : libdbd-mysql-perl security updateNessusDebian Local Security Checks
medium
94069Ubuntu 12.04 LTS / 14.04 LTS : libdbd-mysql-perl vulnerabilities (USN-3103-1)NessusUbuntu Local Security Checks
critical
94027Fedora 24 : perl-DBD-MySQL (2016-870236238e)NessusFedora Local Security Checks
medium
93838Debian DSA-3684-1 : libdbd-mysql-perl - security updateNessusDebian Local Security Checks
medium