CVE-2016-3471

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-3471
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3471.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-3471
Downstream
Published
2016-07-21T10:12:25.117Z
Modified
2026-04-11T04:02:08.769642Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Introduced
776555af021e917ce0d6235386b43ae59fdd5161
Fixed
f4421c893b50f05078f14d33c47d21f52f59f8a7
Introduced
c235de12ae3723b96944337bd89ad9cc87f21d8f
Fixed
370a2cbe96e026fdb8966d8e58e7c93f75597cb8
Database specific 
{
    "versions": [
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.0.22"
        },
        {
            "introduced": "10.1.0"
        },
        {
            "fixed": "10.1.9"
        }
    ]
}
Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Last affected
830bcff0edd3dd031932e60c7a70fe92a63fc404
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9c6193fad44e276fdadc4ea74c87c682daf2e947
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Fixed
b9768521bdeb1a8069c7b871f4536792b65fd79b
Database specific 
{
    "versions": [
        {
            "introduced": "5.5.0"
        },
        {
            "last_affected": "5.5.45"
        },
        {
            "introduced": "5.6.0"
        },
        {
            "last_affected": "5.6.26"
        },
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.5.46"
        }
    ]
}

Affected versions

mariadb-10.*
mariadb-10.1.0
mariadb-10.1.2
mariadb-10.1.3
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.5.15
mysql-5.5.19
mysql-5.5.23
mysql-5.5.25
mysql-5.5.27
mysql-5.5.44
mysql-5.5.45
mysql-5.6.26

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3471.json"
vanir_signatures 
[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "53228238731089417596214118720962938977",
                "277402405450698143280666152936637809078",
                "144031700655018854448410967691007543222",
                "67642837746220755452538215699521074013"
            ]
        },
        "id": "CVE-2016-3471-2e169b41",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "file": "extra/yassl/include/yassl_error.hpp"
        }
    },
    {
        "digest": {
            "length": 4731.0,
            "function_hash": "315503665402952802675592496886709669772"
        },
        "id": "CVE-2016-3471-3708afeb",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "function": "SetErrorString",
            "file": "extra/yassl/src/yassl_error.cpp"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "57248392826115285220715661389409750131",
                "119661056949224539051154886786283811515",
                "101696571178136960950076477160822307085"
            ]
        },
        "id": "CVE-2016-3471-464feddf",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "file": "extra/yassl/src/yassl_error.cpp"
        }
    },
    {
        "digest": {
            "length": 511.0,
            "function_hash": "65883879829300206530716652549419963265"
        },
        "id": "CVE-2016-3471-47119c80",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "function": "sendCertificateVerify",
            "file": "extra/yassl/src/handshake.cpp"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "206466407836171049544989872457880780103",
                "300898926962521654039968805530655777728",
                "53859862795470716343051009615782488068",
                "96932451662644561594274820598624521910"
            ]
        },
        "id": "CVE-2016-3471-711c1e15",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "file": "extra/yassl/src/handshake.cpp"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "318191172539277246755459617926955744505",
                "254541478843544755662381547845904652300",
                "54611158850969751301851086590952628930",
                "302163634400636825149017150007684831665",
                "189998908723996230938131694619656807943",
                "116866421171719334797154527726827554745",
                "63002157905645375881709121950844844710",
                "213730524434689387980355047141216967259",
                "171851186081481727127885226401230028656",
                "111686806875080769917645340067285185153"
            ]
        },
        "id": "CVE-2016-3471-93adb102",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "file": "extra/yassl/src/yassl_imp.cpp"
        }
    },
    {
        "digest": {
            "length": 2559.0,
            "function_hash": "46975870005828366040638209346810365877"
        },
        "id": "CVE-2016-3471-c6f15d99",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "function": "DH_Server::build",
            "file": "extra/yassl/src/yassl_imp.cpp"
        }
    },
    {
        "digest": {
            "length": 1279.0,
            "function_hash": "272044820098228092970937818851523802945"
        },
        "id": "CVE-2016-3471-f8130068",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b",
        "target": {
            "function": "CertificateVerify::Build",
            "file": "extra/yassl/src/yassl_imp.cpp"
        }
    }
]
vanir_signatures_modified 
"2026-04-11T04:02:08Z"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    }
]