Fluid Attacks Database

Description

Improper Access Control in MySQL Connectors Java Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
maven	mysql:mysql-connector-java	>=0 <5.1.35	5.1.35
rpm rhel7	mysql-connector-java	-	-
rpm rhel6	mysql-connector-java	-	-

Aliases

1. CVE-2015-25752. NVD-2015-25753. OSV-2015-25754. GCVE-2015-2575

References

1. https://security.netapp.com/advisory/ntap-20150417-00032. http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html3. http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html4. http://www.debian.org/security/2016/dsa-36215. http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.