Threat Finder

Threat ID
2788
Threat Date
07/24/2013
Threat Name
Critical Patch Update - July 2013
CVE Reference
CVE-2013-1861
CVE-2013-3810
CVE-2013-3812
CVE-2013-3811
CVE-2013-3807
CVE-2013-3794
CVE-2013-3783
CVE-2013-3801
CVE-2013-3808
CVE-2013-3796
CVE-2013-3804
CVE-2013-3805
CVE-2013-3806
CVE-2013
CCE Reference
CCE-NO-MATCH
Risk
High
Database Type
MySQL
Category
Patchable Vulnerabilities
Versions
MySQL 5.1, 5.5 and 5.6
Summary
Oracle Critical Patch Update (CPU) for July 2013 is a collection of patches that includes security fixes for 18 vulnerabilities for MySQL Database Server. These vulnerabilities were reported by several sources.
Overview
18 security vulnerabilities were fixed in July 2013 CPU for MySQL Database Server. Two of these vulnerabilities may be remotely exploited without authentication. The most severe one of these vulnerabilities received a CVSS Base Score of 6.8.

The components that are affected by this CPU is MySQL Server. None of these fixes are applicable to client-only installations, i.e., installations that do not have the MySQL Database Server installed.
References
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
https://support.oracle.com/rs?type=doc&id=1563224.1
VMSKey
STIGID

Additional information including fix script information is available in the licensed versions of Application Security's DbProtect and AppDetectivePro solutions.

Powered by