CVE-2014-0001 — Improper Restriction of Operations within the Bounds of a Memory Buffer in MariaDB
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer
49 documents, 8 sources
Severity
7.5 HIGH (NVD)
EPSS
20.7%
top 4.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jan 31
Latest update: May 13
Description
Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
CVSS vector
AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4
Affected Packages: 5 packages
Also affects: Enterprise Linux 5, 6.0
Patches
🔴 Vulnerability Details: 2
💥 Exploits & PoCs: 1
📋 Vendor Advisories: 21
VMware
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues (2015-01-27)
Red Hat
webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) (2015-01-26)
💬 Community: 22
Bugzilla
CVE-2014-1308 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) (2015-01-27)
Bugzilla
CVE-2014-1326 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) (2015-01-27)
Bugzilla
CVE-2014-1333 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) (2015-01-27)