CVE-2013-0375
Publication date 16 January 2013
Last updated 24 July 2024
Ubuntu priority
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| mysql-5.1 | ||
| mysql-5.5 | ||
| mysql-cluster-7.0 | ||
| mysql-dfsg-5.0 | ||
| mysql-dfsg-5.1 | ||
Notes
jdstrand
mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
5.4 · Medium
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity impact | Low |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-1703-1
- MySQL vulnerabilities
- 22 January 2013