CVE-2017-3265

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-3265
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3265.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-3265
Downstream
Related
Published
2017-01-27T22:59:03.087Z
Modified
2026-03-15T22:26:47.105288Z
Severity
  • 5.6 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Introduced
776555af021e917ce0d6235386b43ae59fdd5161
Fixed
5fc1ba604e27b7d9eaa2977ef5b0c180f6f62565
Introduced
c235de12ae3723b96944337bd89ad9cc87f21d8f
Fixed
f7d030489d2980c9deb733925515099ec256f6d2
Database specific 
{
    "versions": [
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.0.29"
        },
        {
            "introduced": "10.1.0"
        },
        {
            "fixed": "10.1.21"
        }
    ]
}
Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Last affected
5c6169fb309981b564a17bee31b367a18866d674
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ae41ce7c4ecff5e1e336ab768867370b8c94e02d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
270fd3411e3d671a73ed9725940a30080f59ce6d
Introduced
54df0057e18d8c82c23fbd4e0bf5b5dc2e762955
Fixed
c8f0eeb9c8596be83fefb7fef9f9871e53edb020
Database specific 
{
    "versions": [
        {
            "introduced": "5.5.0"
        },
        {
            "last_affected": "5.5.53"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.5.54"
        }
    ]
}

Affected versions

mariadb-10.*
mariadb-10.0.13
mariadb-10.0.14
mariadb-10.0.15
mariadb-10.0.16
mariadb-10.0.17
mariadb-10.0.18
mariadb-10.0.19
mariadb-10.0.20
mariadb-10.0.21
mariadb-10.0.22
mariadb-10.0.23
mariadb-10.0.24
mariadb-10.0.25
mariadb-10.0.26
mariadb-10.0.27
mariadb-10.0.28
mariadb-10.0.29
mariadb-10.1.0
mariadb-5.*
mariadb-5.5.39
mariadb-5.5.40
mariadb-5.5.41
mariadb-5.5.42
mariadb-5.5.43
mariadb-5.5.44
mariadb-5.5.45
mariadb-5.5.46
mariadb-5.5.47
mariadb-5.5.48
mariadb-5.5.49
mariadb-5.5.50
mariadb-5.5.51
mariadb-5.5.52
mariadb-5.5.53
mariadb-5.5.54
mariadb-galera-10.*
mariadb-galera-10.0.10
mariadb-galera-10.0.11
mariadb-galera-10.0.12
mariadb-galera-10.0.13
mariadb-galera-10.0.14
mariadb-galera-10.0.15
mariadb-galera-10.0.16
mariadb-galera-10.0.17
mariadb-galera-10.0.19
mariadb-galera-10.0.20
mariadb-galera-10.0.21
mariadb-galera-10.0.22
mariadb-galera-10.0.23
mariadb-galera-10.0.24
mariadb-galera-10.0.25
mariadb-galera-10.0.26
mariadb-galera-10.0.27
mariadb-galera-10.0.28
mariadb-galera-10.0.7
mariadb-galera-10.0.7a
mariadb-galera-5.*
mariadb-galera-5.5.25
mariadb-galera-5.5.28a
mariadb-galera-5.5.29
mariadb-galera-5.5.32
mariadb-galera-5.5.32a
mariadb-galera-5.5.34
mariadb-galera-5.5.35
mariadb-galera-5.5.36
mariadb-galera-5.5.36a
mariadb-galera-5.5.37
mariadb-galera-5.5.38
mariadb-galera-5.5.39
mariadb-galera-5.5.40
mariadb-galera-5.5.41
mariadb-galera-5.5.42
mariadb-galera-5.5.43
mariadb-galera-5.5.44
mariadb-galera-5.5.45
mariadb-galera-5.5.46
mariadb-galera-5.5.47
mariadb-galera-5.5.48
mariadb-galera-5.5.49
mariadb-galera-5.5.50
mariadb-galera-5.5.51
mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.6-rc
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3265.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "5.6.0"
            },
            {
                "last_affected": "5.6.34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.7.0"
            },
            {
                "last_affected": "5.7.16"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    }
]
vanir_signatures 
[
    {
        "signature_version": "v1",
        "target": {
            "file": "storage/xtradb/handler/ha_innodb.cc",
            "function": "wsrep_calc_row_hash"
        },
        "source": "https://github.com/mariadb/server/commit/5fc1ba604e27b7d9eaa2977ef5b0c180f6f62565",
        "deprecated": false,
        "digest": {
            "function_hash": "326577626690167958606778565745841641029",
            "length": 1075.0
        },
        "id": "CVE-2017-3265-2235861b",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "storage/xtradb/handler/ha_innodb.cc",
            "function": "wsrep_store_key_val_for_row"
        },
        "source": "https://github.com/mariadb/server/commit/5fc1ba604e27b7d9eaa2977ef5b0c180f6f62565",
        "deprecated": false,
        "digest": {
            "function_hash": "175766638502419520218478376205151830061",
            "length": 4678.0
        },
        "id": "CVE-2017-3265-76d7bb16",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "storage/xtradb/handler/ha_innodb.cc"
        },
        "source": "https://github.com/mariadb/server/commit/5fc1ba604e27b7d9eaa2977ef5b0c180f6f62565",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "333910009814716899599761924093289489726",
                "161392224999518567510718607174078569010",
                "161097539754424727880941917296259394470",
                "86950865214847603434991963376525204394",
                "149603238303571009756227611135528613560",
                "246754121958178494555659751381354980297",
                "112180117738318881565344278433296106535",
                "56934855970519006216491266214889014278",
                "177233899003535037117533813868483428969",
                "91781135331166554714959393998795539181",
                "231826346572631787101747650932251996807",
                "120129231197026531763378830534168927209",
                "78750874032296690609296176761798461946",
                "37466225183381131843040316628502534513",
                "73966958620296014639090697993023755838",
                "302517151867660583156292446738041253690",
                "320251111942484271165771358375346713457",
                "137617643939518963627606737565894291194"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2017-3265-d7841ca0",
        "signature_type": "Line"
    }
]