mysql 5.1.61 和mysql 5.5.21之前的版本都受影响,以下列出关于mysql的信息

Oracle MySQL Executive Summary

This Critical Patch Update contains 6 new security fixes for Oracle MySQL.  None of these vulnerabilities may be remotely exploitable without authentication, i.e., none may be exploited over a network without the need for a username and password.  The English text form of this Risk Matrix can be found here.

Oracle MySQL Risk Matrix

CVE#

Component

Protocol

Sub-

component

Remote Exploit without Auth.?

CVSS VERSION 2.0 RISK (see Risk Matrix Definitions)

Supported Versions Affected

Notes

Base Score

Access Vector

Access Complexity

Authen-

tication

Confiden-

tiality

Integrity

Avail-

ability

CVE-2012-1703

MySQL Server

MySQL Protocol

Server Optimizer

No

6.8

Network

Low

Single

None

None

Complete

5.1.61 and earlier, 5.5.21 and earlier

CVE-2012-0583

MySQL Server

MySQL Protocol

MyISAM

No

4.0

Network

Low

Single

None

None

Partial+

5.1.60 and earlier, 5.5.19 and earlier

CVE-2012-1697

MySQL Server

MySQL Protocol

Partition

No

4.0

Network

Low

Single

None

None

Partial+

5.5.21 and earlier

CVE-2012-1688

MySQL Server

MySQL Protocol

Server DML

No

4.0

Network

Low

Single

None

None

Partial+

5.1.61 and earlier, 5.5.21 and earlier

CVE-2012-1696

MySQL Server

MySQL Protocol

Server Optimizer

No

4.0

Network

Low

Single

None

None

Partial+

5.5.19 and earlier

CVE-2012-1690

MySQL Server

MySQL Protocol

Server Optimizer

No

4.0

Network

Low

Single

None

None

Partial+

5.1.61 and earlier, 5.5.21 and earlier

Text Form of Risk Matrix for Oracle MySQL

This table provides the text form of the Risk Matrix for Oracle MySQL.

CVE Identifier

Description

CVE-2012-0583

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.1.60 and earlier and 5.5.19 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.CVSS Base Score 4.0 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P). (legend) [Advisory]

CVE-2012-1688

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server DML). Supported versions that are affected are 5.1.61 and earlier and 5.5.21 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.CVSS Base Score 4.0 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P). (legend) [Advisory]

CVE-2012-1690

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server Optimizer). Supported versions that are affected are 5.1.61 and earlier and 5.5.21 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.CVSS Base Score 4.0 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P). (legend) [Advisory]

CVE-2012-1696

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server Optimizer). Supported versions that are affected are 5.5.19 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.CVSS Base Score 4.0 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P). (legend) [Advisory]

CVE-2012-1697

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Partition). Supported versions that are affected are 5.5.21 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.CVSS Base Score 4.0 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P). (legend) [Advisory]

CVE-2012-1703

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server Optimizer). Supported versions that are affected are 5.1.61 and earlier and 5.5.21 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System hang or frequently repeatable crash (complete DOS).CVSS Base Score 6.8 (Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:C). (legend) [Advisory]

mysql安全补丁,Oracle发布了本季安全补丁,包含了mysql在内的高危漏洞补丁相关推荐

  1. 提醒:安装MS11-100 .NET Framework高危漏洞补丁一定要所有服务器一起安装

    昨天,微软发布了一个非常规安全补丁 MS11-100,解决了 .NET Framework 中存在的多个漏洞. 详情见微软发布紧急安全补丁 修复.NET Framework高危漏洞. KB265635 ...

  2. 新装WINDOWS XP系统 必须安装的十大高危漏洞补丁

    当然,新装的Xp系统,很多用户可能是集成SP2或SP3及更多补丁的Ghost装机盘版本,部分盗版XP可以使用Windows Update升级,如果担心受正版验证补丁的影响,推荐还是用金山清理专家来打补 ...

  3. win2003服务器漏洞要修复吗,微软紧急发布Windows远程桌面高危漏洞补丁 涉及XP 2003...

    微软应急响应中心近日披露了WindowsServer2003,WindowsServer2008R2及WindowsServer2008的操作系统版本上存在的一个高危安全风险(漏洞编号:CVE-201 ...

  4. MySQL数据库和Oracle数据库的区别

    由于SQL Server不常用,所以这里只针对MySQL数据库和Oracle数据库的区别 (1) 对事务的提交 MySQL默认是自动提交,而Oracle默认不自动提交,需要用户手动提交,需要在写com ...

  5. 中关村GHOSTXPSP3纯净装机自选CD版V2010.02(FAT32/NTFS) 首款整合“极光”漏洞补丁

    [中关村GHOSTXPSP3自选版特点概述] 本系统本着人性化设计的思想,为用户的实际使用着想,驱动和软件都可以自选安装,非常人性化,最似原版,最稳定,正常情况下能够在5-8分钟内完成全部软件.硬件安 ...

  6. oracle每季度补丁,Oracle 2020 年第四季度补丁发布

    半个月前,也就是 10 月 20 日, Oracle 发布了今年最后一次补丁更新,那么很多人都想打最新的 PSU,理由是有被扫到各种漏洞,有的扫描工具着实太坑,这里就不用说了,前几天看到盖总发布的文章 ...

  7. oracle补丁集2020,Oracle发布2020年首批关键补丁更新,多达334个安全补丁

    Oracle发布2020年首批关键补丁更新,多达334个安全补丁 时间:2020-02-03 来源: Oracle发布2020年首批关键补丁更新,多达334个安全补丁 微软于日前发布了 2020 年 ...

  8. 确认了!MySQL 狠甩 Oracle 稳居 Top1!

    01 几乎所有程序员都会用到的 MySQL 稳居 Top 1 科技长河,顺之者昌,错失者亡. 在2019年,CSDN面向具备超强计算力的数字化世界,我们进行了「大数据技术应用现状分析」,并发布了< ...

  9. MySQL 狠甩 Oracle 稳居 Top1,私有云最受重用,大数据人才匮乏! | 中国大数据应用年度报告...

    整理 | 屠敏 出品 | CSDN(ID:CSDNnews) 科技长河,顺之者昌,错失者亡.在这个技术百态之中,中国专业的 IT 社区CSDN 创始人&董事长蒋涛曾多次在公开活动中表示,开发者 ...

  10. Oracle发布多语种虚拟机平台GraalVM 1.0

    \ 看新闻很累?看技术新闻更累?试试下载InfoQ手机客户端,每天上下班路上听新闻,有趣还有料! \ \\ Oracle发布了多语种虚拟机平台GraalVM的1.0版本.初始发布版包括运行Java和J ...

最新文章

  1. 后处理安装_分享UG后处理出Excel程序单的方法
  2. s3c2440地址分配
  3. JavaWeb之过滤器(Filter)
  4. 技术人看《长安十二时辰》的正确姿势是?
  5. 域控服务器取消验证_记一次域控服务器应急
  6. 讨物联网的隐私解决方案_2017年数据隐私日:日常隐私解决方案
  7. 创建指南针View的例子
  8. 黑马程序员__银行业务调度系统
  9. 016.2 String
  10. 惠普HP ENVY 5055 打印机驱动
  11. Windows 和 Linux 上安装 TTF 字体的方法
  12. smartadmin mysql_smart-admin/README.md at master · Rainforestor/smart-admin · GitHub
  13. 【深度学习21天学习挑战赛】备忘篇: from_tensor_slices的作用和用法
  14. 美多次透露加息 国债收益率持续走高
  15. NVIDIA图形处理单元(GPU)驱动安装指南
  16. 挑战华为社招:智慧树java程序设计答案
  17. 项目awesome-semantic-segmentation-pytorch以及FCN、Unet、deeplabv1、deeplabv2、deeplabv3、deeplabv3+的网络
  18. MySQL --- 函数大全 6
  19. RK3568平台开发系列讲解(NPU篇)让 NPU 跑起来
  20. 啊哈C语言 第五章 第七节

热门文章

  1. 再也不用担心微信公众号排版了
  2. 一个IT农民工分享互联网巨头公司面试流程
  3. python pycharm 书籍_有什么Python学习的书籍和学习资源推荐?
  4. 微信公众号 菜单 { “errcode“: 47001, “errmsg“: “data format error rid: 61b36b ...“}
  5. GT-suite v2016的下载和安装
  6. hpm1216nfh驱动程序_hp1216nfh一体机驱动下载_hp1216nfh一体机驱动 v4.0官方版_魅蓝下载...
  7. 如何采用类比法和类推法估算软件项目工作量
  8. 正确区分LJMP、AJMP、SJMP、JMP指令
  9. fcm基本原理_fcm聚类算法原理及应用
  10. C++编程导出XVID编码的AVI视频