Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
{ "vanir_signatures": [ { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "process_options", "file": "client/mysql_plugin.c" }, "signature_type": "Function", "id": "CVE-2016-0546-20f8e646", "signature_version": "v1", "digest": { "function_hash": "47531622596619977029715184533317242589", "length": 1207.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "file": "client/mysqlshow.c" }, "signature_type": "Line", "id": "CVE-2016-0546-22aa5fee", "signature_version": "v1", "digest": { "line_hashes": [ "115405344983310410582542651149199378242", "194843805652316510878594158178565991269", "33954976485021384424793122155203151253", "334665244995697120805001869369363018346", "293708376788149311609417406012135863954", "327258160383603005483809425632661582506", "56343303859143354793933813300540428855", "131135266206520722474031088532788667154", "5493353616448939519869009684941088031", "45049474350052254756719987196789052441", "88274969499027644251180773108184418088", "57204115915690287317343124194591393122", "284469956467439852042573287944626426431", "314689793388748772055734985799726382011", "267210685751736042111710391773821609614", "205351096808621785534859802639652500189", "285772887605958533196095561325800919840", "135963675775985348069705498397289853113", "288202052015251320261826441946127133867", "22512927484845529532681295185427697643", "140903394597233346857150811387877119775", "41781843760178045791605672279243309175", "76246416098828551605944206771692056909", "263920852905688457994813570680689888486", "98891984757393277123696473854642113141", "153155518987714261481737742763148573053", "281520962727711697557559818754322945419", "288202052015251320261826441946127133867", "54741355079235892885922210194529934371", "199771992191373367224569934106046924445", "234865100920296644133208515477195259408", "82159467952166003691886266019717824227", "80216440168408937156529975214497764380", "141955731509497107809650649111507997325", "293329643563244916490853577771195032766", "282921795160099413306652792834317471065", "296067656914956557896436859270587842581", "263920852905688457994813570680689888486", "60719843973179210197829763743732374612", "184274700118356118367461631743293500211", "207176100348851544311371383824058367522", "314379419614051347549550848240962504644", "230018724127693914271821594594137466825" ], "threshold": 0.9 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "file": "client/mysql_plugin.c" }, "signature_type": "Line", "id": "CVE-2016-0546-27f7ef77", "signature_version": "v1", "digest": { "line_hashes": [ "73891943593151358213422032752344223518", "168712511212023742480567017728114030715", "222198783439685612655374990209457187180", "20815678513859381827721880298349609810", "192955112799431037307843004021103121628", "142066685936553446477080020433777977723", "109674093844196818214646135589397179775", "42149396837697724838858442332136488634", "261831593571035571425115624574374831611", "138857803593230021071506192251422317076", "76109622932398532339338194885221370285", "89412323738886720178031752751461693877", "87199462426977201281802954937537151522" ], "threshold": 0.9 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "check_options", "file": "client/mysql_plugin.c" }, "signature_type": "Function", "id": "CVE-2016-0546-3c1e8d30", "signature_version": "v1", "digest": { "function_hash": "40031717984823606215885920308778638926", "length": 2152.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "file": "regex/main.c" }, "signature_type": "Line", "id": "CVE-2016-0546-9bc78037", "signature_version": "v1", "digest": { "line_hashes": [ "120034458996837607139036545264090008488", "261819760152788058053391939023771727817", "155336384241264798913288726703281770745", "144962228401254038805861661625809618237", "186589799639534450598942665773345584877", "262515869095100730535126186794284169880", "32423115792033555785876702963135831523", "311146391181346884166972681655567734859", "253522580443014335328946769267542361455", "99767199885946639844893274574687410024", "89318330933087194054696354505639073917", "98372997690392234278370311479551861154", "123099286317499139756571134658399977908", "255698819501409231957363774187971994979", "23266843351072734785356667089627431292", "170578648277143222614544861216384636044", "4789603042038510167545389419137954818", "231849367014257376965448556555664375783", "132663887429310532999975775010071345918", "93670716486812408784732607256814304433", "76222585344621066765504253603259857350", "158561165254400645398412447071093526032", "86474948632672573090682121814987411301", "26183736241158358683689501114460512440" ], "threshold": 0.9 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "print_arrays_for", "file": "libmysql/conf_to_src.c" }, "signature_type": "Function", "id": "CVE-2016-0546-bf6ac509", "signature_version": "v1", "digest": { "function_hash": "301272186727860113189050655796002523205", "length": 679.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "list_tables", "file": "client/mysqlshow.c" }, "signature_type": "Function", "id": "CVE-2016-0546-cb08ea20", "signature_version": "v1", "digest": { "function_hash": "183198136284875103151071172925245243077", "length": 3205.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "file": "libmysql/conf_to_src.c" }, "signature_type": "Line", "id": "CVE-2016-0546-d380aa27", "signature_version": "v1", "digest": { "line_hashes": [ "64554873377195487275906630337907519676", "119969744616979542806018356851144757028", "99268476436296875437609430920217981491", "130705257482029388804508630891721916380", "199069277294699028399968103010735717056" ], "threshold": 0.9 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "list_dbs", "file": "client/mysqlshow.c" }, "signature_type": "Function", "id": "CVE-2016-0546-d493077a", "signature_version": "v1", "digest": { "function_hash": "71098886740152026246531609850510788514", "length": 2297.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "usage", "file": "client/mysql_plugin.c" }, "signature_type": "Function", "id": "CVE-2016-0546-d776ac6e", "signature_version": "v1", "digest": { "function_hash": "305087038746790944226107320728600575141", "length": 337.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "list_fields", "file": "client/mysqlshow.c" }, "signature_type": "Function", "id": "CVE-2016-0546-f79d0e53", "signature_version": "v1", "digest": { "function_hash": "183277213904360874665231044088063951206", "length": 1948.0 } }, { "deprecated": false, "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", "target": { "function": "list_table_status", "file": "client/mysqlshow.c" }, "signature_type": "Function", "id": "CVE-2016-0546-f8459ca1", "signature_version": "v1", "digest": { "function_hash": "114974499721027354426049427516131899493", "length": 933.0 } } ] }