Vulnerability CVE-2016-0502

Vulnerability Name:

CVE-2016-0502 (CCN-109980)

Assigned:

2015-12-09

Published:

2016-01-19

Updated:

2022-09-08

Summary:

Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-noinfo

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2016-0502

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2016:0367

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2016:0377

Source: CCN
Type: Oracle Critical Patch Update Advisory - January 2016
Oracle Critical Patch Update Advisory - January 2016

Source: CONFIRM
Type: Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Source: SECTRACK
Type: Broken Link, Third Party Advisory, VDB Entry
1034708

Source: XF
Type: UNKNOWN
oracle-cpujan2016-cve20160502(109980)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-0502

Vulnerable Configuration:

Configuration 1:

cpe:/o:opensuse:leap:42.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:oracle:mysql:*:*:*:*:*:*:*:* (Version >= 5.5.0 and <= 5.5.31)

OR cpe:/a:oracle:mysql:*:*:*:*:*:*:*:* (Version >= 5.6.0 and <= 5.6.11)

Configuration 3:

cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.32)

OR cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 10.0.0 and < 10.0.4)

Configuration CCN 1:

cpe:/a:oracle:mysql:5.6.11:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.5.31:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20160502	V	CVE-2016-0502	2022-06-30
oval:org.opensuse.security:def:112714	P	libmysql56client18-32bit-5.6.34-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:30171	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:34050	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:106187	P	Security update for libvirt (Important) (in QA)	2021-12-30
oval:org.opensuse.security:def:55988	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:55985	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:56104	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:34597	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:55260	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:31293	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:30257	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:56080	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:34558	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:31255	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:32169	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:30114	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:34509	P	Security update for libmspack (Moderate)	2021-08-17
oval:org.opensuse.security:def:32130	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:36221	P	libsss_idmap0-1.9.4-0.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36179	P	libcap-progs-2.11-2.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:55911	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:57454	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:34451	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:56023	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:55880	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:34666	P	Security update for tomcat (Important)	2021-03-30
oval:org.opensuse.security:def:28960	P	Security update for sudo (Important)	2021-03-24
oval:org.opensuse.security:def:54772	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:30026	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:31339	P	Security update for the Linux Kernel (Important)	2021-02-12
oval:org.opensuse.security:def:57549	P	Security update for the Linux Kernel (Important)	2021-02-12
oval:org.opensuse.security:def:54750	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2021-02-10
oval:org.opensuse.security:def:34622	P	Security update for python36 (Important)	2021-02-10
oval:org.opensuse.security:def:54749	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:54743	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:28925	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:33914	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:35541	P	evince-2.28.2-0.2.68 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:57380	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:30675	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:55150	P	iputils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35163	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:27547	P	python-lxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33819	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26596	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27768	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:30515	P	Security update for ghostscript	2020-12-01
oval:org.opensuse.security:def:26829	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27586	P	xorg-x11-libXrender-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31040	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:35497	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:54603	P	libsnmp30-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34147	P	Security update for opensc (Low)	2020-12-01
oval:org.opensuse.security:def:27022	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28074	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34685	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:27114	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28088	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:31427	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35304	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:27342	P	zoo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55426	P	yubikey-manager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27806	P	Security update for libpng12-0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30674	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:54912	P	libpolkit0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35073	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27508	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28287	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:26468	P	Security update for go1.9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27684	P	Security update for xorg-x11-server	2020-12-01
oval:org.opensuse.security:def:30466	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:27522	P	obex-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30983	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:35470	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28791	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:54581	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26969	P	librsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28060	P	Security update for emacs (Important)	2020-12-01
oval:org.opensuse.security:def:34684	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:27033	P	star on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27937	P	Security update for GraphicsMagick (Important)	2020-12-01
oval:org.opensuse.security:def:31388	P	Security update for openwsman (Important)	2020-12-01
oval:org.opensuse.security:def:56273	P	Security update for dracut (Moderate)	2020-12-01
oval:org.opensuse.security:def:27341	P	yast2-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29894	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27168	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35016	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:27459	P	libmikmod on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28243	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26404	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:27627	P	Security update for IBM Java 7	2020-12-01
oval:org.opensuse.security:def:30411	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27511	P	lxc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30892	P	Security update for MozillaFirefox, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:55595	P	Security update for icedtea-web (Moderate)	2020-12-01
oval:org.opensuse.security:def:35431	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28756	P	Security update for libpng	2020-12-01
oval:org.opensuse.security:def:54580	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28021	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:30617	P	Security update for vino	2020-12-01
oval:org.opensuse.security:def:26905	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27853	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:56192	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:29821	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:55154	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27124	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34916	P	Security update for elfutils (Low)	2020-12-01
oval:org.opensuse.security:def:27406	P	gd-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28229	P	Security update for libtirpc, rpcbind (Important)	2020-12-01
oval:org.opensuse.security:def:26393	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27545	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27510	P	lighttpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30760	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:55429	P	zypper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35382	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:27605	P	Security update for CUPS	2020-12-01
oval:org.opensuse.security:def:33831	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26734	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27972	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:30573	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:57623	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:26841	P	xdg-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27796	P	Security update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:56154	P	Security update for libplist (Moderate)	2020-12-01
oval:org.opensuse.security:def:27841	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:29810	P	Security update for jakarta	2020-12-01
oval:org.opensuse.security:def:54981	P	perl-HTML-Parser on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34293	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27110	P	dhcpcd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34780	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27255	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28190	P	Security update for libapr-util1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31492	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:26392	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:27417	P	ibutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55819	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:30686	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:55323	P	libzypp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35323	P	Security update to ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:27561	P	rubygem-rack-1_4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33820	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26677	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27919	P	Security update for xorg-x11-libXfixes	2020-12-01
oval:org.opensuse.security:def:30554	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:26830	P	t1lib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27714	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:31127	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:29809	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.opensuse.security:def:34204	P	Security update for perl-DBD-mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:27071	P	NetworkManager-gnome on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28118	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:34696	P	Security update for xorg-x11-libXrender	2020-12-01
oval:org.opensuse.security:def:27171	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28141	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31448	P	Security update for postgresql-init (Moderate)	2020-12-01
oval:org.opensuse.security:def:35345	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:27353	P	stunnel-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55711	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:28278	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:80088	P	Security update for mysql (Moderate)	2016-02-05
oval:org.opensuse.security:def:80257	P	Security update for mysql (Moderate)	2016-02-05
oval:com.ubuntu.xenial:def:201605020000000	V	CVE-2016-0502 on Ubuntu 16.04 LTS (xenial) - medium.	2016-01-21
oval:com.ubuntu.artful:def:20160502000	V	CVE-2016-0502 on Ubuntu 17.10 (artful) - medium.	2016-01-20
oval:com.ubuntu.precise:def:20160502000	V	CVE-2016-0502 on Ubuntu 12.04 LTS (precise) - medium.	2016-01-20
oval:com.ubuntu.trusty:def:20160502000	V	CVE-2016-0502 on Ubuntu 14.04 LTS (trusty) - medium.	2016-01-20
oval:com.ubuntu.xenial:def:20160502000	V	CVE-2016-0502 on Ubuntu 16.04 LTS (xenial) - medium.	2016-01-20

BACK