[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201607212136.u6LLaukA029152@sf01web3.securityfocus.com>
Date: Thu, 21 Jul 2016 21:36:56 GMT
From: lem.nikolas@...il.com
To: bugtraq@...urityfocus.com
Subject: MySQL zero-day vulnerabilities (July 2016 CPU)
MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google, Facebook, Twitter just to cite a few..
In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to identify and mitigate those vulnerabilities.
Sincere thanks to Oracle Inc for the prompt response and adequate mitigation to the issues.
You can get a copy of the report here:
https://packetstormsecurity.com/files/download/138007/MySQL-Zerodays.pdf
The report corresponds to Oracle's (July 2016 CPU), in which we have discovered over 14 zero-day vulnerabilities affecting MySQL. CVE's, versions affected and all relevant information are enlisted in the CPU.
Here's a link to Oracle's Critical Patch Update / July 2016 .
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
There are a number of issues affecting third-party technologies used by other popular products which would gather the interest of the community, but those will not be released as of yet, until the maintainers of those are informed...
Kind Regards,
Nicholas Lemonias, CEO
Advanced Information Security Corporation
Powered by blists - more mailing lists