CVE-2018-3070 — Stack-based Buffer Overflow in Oracle Mysql
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 41.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 18
Latest updateMay 13
Description
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Scor…
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages2 packages
Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 16.04, 18.04
Patches
🔴Vulnerability Details
2📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081 community-mysql: various flaws [↗2018-07-18
Bugzilla▶
CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3070 mariadb: various flaws [fedora-27]↗2018-07-18