Is Spectrum affected by the following MYSQL Vulnerabilities?
Affected Technology: MySQL
Vulnerability Severity: Medium
Reference: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
A local user can exploit a flaw in the Client component to gain elevated privileges [CVE-2016-0546].
A remote authenticated user can exploit a flaw in the Server: DML component to cause denial of service conditions [CVE-2016-0504].
A remote authenticated user can exploit a flaw in the Server: Options component to cause denial of service conditions [CVE-2016-0505].
A remote authenticated user can exploit a flaw in the Server: DML component to cause partial denial of service conditions [CVE-2016-0503], CVE-2016-0594, CVE-2016-0595, CVE-2016-0596].
A remote authenticated user can exploit a flaw in the Server: Optimizer component to cause partial denial of service conditions [CVE-2016-0502, CVE-2016-0597, CVE-2016-0599, CVE-2016-0611, CVE-2016-0616].
A remote authenticated user can exploit a flaw in the Server: DML component to cause partial denial of service conditions [CVE-2016-0598].
A remote authenticated user can exploit a flaw in the Server: InnoDB component to cause partial denial of service conditions [CVE-2016-0600, CVE-2016-0610].
A remote authenticated user can exploit a flaw in the Server: Partition component to cause partial denial of service conditions [CVE-2016-0601].
A remote authenticated user can exploit a flaw in the Server: Security: Encryption component to partially modify data [CVE-2016-0606].
A remote authenticated user can exploit a flaw in the Server: UDF component to cause partial denial of service conditions [CVE-2016-0608].
A remote user can exploit a flaw in the Server: Replication component to cause partial denial of service conditions [CVE-2016-0607].
A remote user can exploit a flaw in the Server: Security: Encryption component to partially access data [CVE-2015-7744].
A remote authenticated user can exploit a flaw in the Server: General component to cause partial denial of service conditions [CVE-2016-0605].
A remote user can exploit a flaw in the Server: Security: Privileges component to cause partial denial of service conditions [CVE-2016-0609].
Impact(s):
A remote user can partial access data on the target system.
A remote authenticated user can partially modify data on the target system.
A remote user can cause partial denial of service conditions.
A local user can obtain elevated privileges on the target system.
CVE:
CVE-2015-7744, CVE-2016-0502, CVE-2016-0503, CVE-2016-0504, CVE-2016-0505, CVE-2016-0546, CVE-2016-0594, CVE-2016-0595, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0599, CVE-2016-0600, CVE-2016-0601, CVE-2016-0605, CVE-2016-0606, CVE-2016-0607, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0611, CVE-2016-0616