Bug 952866 (CVE-2013-2375)

Summary: CVE-2013-2375 mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: Bjorn.Munch, byte, hhorak
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-25 21:31:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 953084, 953085    
Bug Blocks: 952846, 952853    

Description Vincent Danen 2013-04-16 21:50:19 UTC
An unspecified vulnerability in the Server Privileges subcomponent of Oracle MySQL allows remote authenticated attackers to cause a denial of service as well as impact the confidentiality and integrity of the server via unspecified vectors.

This flaw affects MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier.

External References:

http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html#AppendixMSQL

Comment 2 errata-xmlrpc 2013-04-25 17:31:27 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0772 https://rhn.redhat.com/errata/RHSA-2013-0772.html