JSON View XML View

Key Value
MTID M114596
Title Oracle MySQL my.cnf SQL Injection
Description A vulnerability in some versions of Oracle MySQL could lead to SQL injection.
Observation A vulnerability in some versions of Oracle MySQL could lead to SQL injection.

The flaw lies in the handling of my.cnf. Successful exploitation could allow a remote attacker to execute arbitrary commands.
Recommendation Download the latest version of MySQL from the following location:

http://www.mysql.com/downloads/
Vendor Oracle
Attack Vector Malicious remote network traffic
Importance 9
Impact 10.00084536000
Threat Score 10.0
Labels
Zero-Day
References
CVECVE-2016-6662
EDB-ID40360
MTIDM114596
CPEs
cpe:/a:oracle:mysql:5.7.14
cpe:/a:oracle:mysql:5.6.32
cpe:/a:oracle:mysql:5.5.51
Created At 2016-09-12 00:00:00 UTC
Updated At 2016-09-29 10:56:19 UTC

Back