CVE-2014-2440

NameCVE-2014-2440
DescriptionUnspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-2919-1
NVD severitymedium
Debian Bugs744910, 745330

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mariadb-10.0source(unstable)(not affected)
mariadb-5.5source(unstable)5.5.37-1745330
mysql-5.1source(unstable)(not affected)
mysql-5.5sourcewheezy5.5.37-0+wheezy1DSA-2919-1
mysql-5.5source(unstable)5.5.37-1744910
percona-xtradb-cluster-5.5source(unstable)5.5.37-25.10+dfsg-1

Notes

- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
this is the same issue as CVE-2014-0001, see https://www.openwall.com/lists/oss-security/2014/09/11/23

Search for package or bug name: Reporting problems