[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MySQL zero-day vulnerabilities (July 2016 CPU)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MySQL zero-day vulnerabilities (July 2016 CPU)
From: lem.nikolas@xxxxxxxxx
Date: Thu, 21 Jul 2016 21:36:56 GMT

MySQL is the most popular and most widely used database in the world. MySQL 
customers include NASA, US Navy, Google, Facebook, Twitter just to cite a few..

In partnership with Oracle Inc. we have worked delicately to enhance the 
security of the open-source product, and to identify and mitigate those 
vulnerabilities. 

Sincere thanks to Oracle Inc for the prompt response and adequate mitigation to 
the issues.

You can get a copy of the report here:

https://packetstormsecurity.com/files/download/138007/MySQL-Zerodays.pdf

The report corresponds to Oracle's (July 2016 CPU), in which we have discovered 
over 14 zero-day vulnerabilities affecting MySQL. CVE's, versions affected and 
all relevant information are enlisted in the CPU. 

Here's a link to Oracle's Critical Patch Update / July 2016 .

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

There are a number of issues affecting third-party technologies used by other 
popular products which would gather the interest of the community, but those 
will not be released as of yet, until the maintainers of those are informed...

Kind Regards,
Nicholas Lemonias, CEO

Advanced Information Security Corporation

Prev by Date: [SECURITY] [DSA 3624-1] mysql-5.5 security update
Next by Date: [security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS)
Previous by thread: [SECURITY] [DSA 3624-1] mysql-5.5 security update
Next by thread: MySQL zero-day vulnerabilities (July 2016 CPU)
Index(es):
- Date
- Thread