CVE-2016-0546

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-0546
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-0546.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-0546
Downstream
Related
Published
2016-01-21T03:01:33Z
Modified
2025-09-19T11:12:50.028951Z
Summary
[none]
Details

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Introduced
5a6300dcc45da2d6c2b046560da0580548354b93
Fixed
40ae1b9b618fbbc3b494a896a9d074b74e414337
Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0dbd5a8797ed4bd18e8b883988fb62177eb0f73f

Affected versions

mysql-3.*

mysql-3.23.22-beta
mysql-3.23.24-beta
mysql-3.23.27-beta
mysql-3.23.28-gamma
mysql-3.23.29a-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.34
mysql-3.23.35
mysql-3.23.36
mysql-3.23.37
mysql-3.23.38
mysql-3.23.39
mysql-3.23.41
mysql-3.23.42
mysql-3.23.44
mysql-3.23.45
mysql-3.23.46
mysql-3.23.47
mysql-3.23.48
mysql-3.23.50
mysql-3.23.51
mysql-3.23.52
mysql-3.23.53
mysql-3.23.54
mysql-3.23.55
mysql-3.23.56
mysql-3.23.57
mysql-3.23.58

mysql-4.*

mysql-4.0.1
mysql-4.0.10
mysql-4.0.11
mysql-4.0.12
mysql-4.0.13
mysql-4.0.14
mysql-4.0.15
mysql-4.0.16
mysql-4.0.17
mysql-4.0.18
mysql-4.0.19
mysql-4.0.2
mysql-4.0.20
mysql-4.0.21
mysql-4.0.22
mysql-4.0.23
mysql-4.0.24
mysql-4.0.25
mysql-4.0.26
mysql-4.0.27
mysql-4.0.28
mysql-4.0.3
mysql-4.0.30
mysql-4.0.4
mysql-4.0.5
mysql-4.0.6
mysql-4.0.7
mysql-4.0.8
mysql-4.0.9
mysql-4.1.0
mysql-4.1.1
mysql-4.1.10
mysql-4.1.10a
mysql-4.1.10b
mysql-4.1.11
mysql-4.1.12
mysql-4.1.13
mysql-4.1.13a
mysql-4.1.14
mysql-4.1.15
mysql-4.1.16
mysql-4.1.18
mysql-4.1.19
mysql-4.1.2
mysql-4.1.20
mysql-4.1.21
mysql-4.1.22
mysql-4.1.23
mysql-4.1.24
mysql-4.1.3
mysql-4.1.4
mysql-4.1.5
mysql-4.1.6
mysql-4.1.7
mysql-4.1.8
mysql-4.1.9

mysql-5.*

mysql-5.0.0
mysql-5.0.1
mysql-5.0.10
mysql-5.0.10a
mysql-5.0.11
mysql-5.0.12
mysql-5.0.13
mysql-5.0.14
mysql-5.0.15
mysql-5.0.16
mysql-5.0.16a
mysql-5.0.17
mysql-5.0.17b
mysql-5.0.18
mysql-5.0.19
mysql-5.0.19a
mysql-5.0.2
mysql-5.0.2-alpha
mysql-5.0.20
mysql-5.0.20a
mysql-5.0.21
mysql-5.0.22
mysql-5.0.23
mysql-5.0.24
mysql-5.0.24a
mysql-5.0.25
mysql-5.0.26
mysql-5.0.27
mysql-5.0.28
mysql-5.0.3
mysql-5.0.30
mysql-5.0.32
mysql-5.0.33
mysql-5.0.34
mysql-5.0.36
mysql-5.0.37
mysql-5.0.38
mysql-5.0.4
mysql-5.0.40
mysql-5.0.41
mysql-5.0.42
mysql-5.0.44
mysql-5.0.45
mysql-5.0.46
mysql-5.0.48
mysql-5.0.5
mysql-5.0.50
mysql-5.0.51
mysql-5.0.51a
mysql-5.0.52
mysql-5.0.54
mysql-5.0.54a
mysql-5.0.56
mysql-5.0.58
mysql-5.0.6
mysql-5.0.60
mysql-5.0.60sp1
mysql-5.0.62
mysql-5.0.64
mysql-5.0.66
mysql-5.0.66a
mysql-5.0.66sp1
mysql-5.0.67
mysql-5.0.68
mysql-5.0.7
mysql-5.0.70
mysql-5.0.72
mysql-5.0.72sp1
mysql-5.0.74
mysql-5.0.74sp1
mysql-5.0.75
mysql-5.0.76
mysql-5.0.77
mysql-5.0.78
mysql-5.0.79
mysql-5.0.8
mysql-5.0.80
mysql-5.0.81
mysql-5.0.82
mysql-5.0.82sp1
mysql-5.0.83
mysql-5.0.84
mysql-5.0.84sp1
mysql-5.0.85
mysql-5.0.86
mysql-5.0.87
mysql-5.0.87sp1
mysql-5.0.88
mysql-5.0.9
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.11
mysql-5.1.12
mysql-5.1.13
mysql-5.1.14
mysql-5.1.15
mysql-5.1.16
mysql-5.1.17
mysql-5.1.18
mysql-5.1.18-ndb-6.2.1
mysql-5.1.19
mysql-5.1.20
mysql-5.1.20-beta
mysql-5.1.21
mysql-5.1.22
mysql-5.1.23
mysql-5.1.24
mysql-5.1.25
mysql-5.1.26
mysql-5.1.28
mysql-5.1.29
mysql-5.1.3
mysql-5.1.30
mysql-5.1.31
mysql-5.1.31sp1
mysql-5.1.32
mysql-5.1.33
mysql-5.1.34
mysql-5.1.34sp1
mysql-5.1.35
mysql-5.1.36
mysql-5.1.37
mysql-5.1.37sp1
mysql-5.1.38
mysql-5.1.39
mysql-5.1.4
mysql-5.1.40
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.5
mysql-5.1.5-for-windows
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.6
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.7
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.1.9
mysql-5.4.1
mysql-5.4.2
mysql-5.4.3
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.5-m3
mysql-5.5.6-rc
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9

Database specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "process_options",
                "file": "client/mysql_plugin.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-20f8e646",
            "signature_version": "v1",
            "digest": {
                "function_hash": "47531622596619977029715184533317242589",
                "length": 1207.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "file": "client/mysqlshow.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-0546-22aa5fee",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "115405344983310410582542651149199378242",
                    "194843805652316510878594158178565991269",
                    "33954976485021384424793122155203151253",
                    "334665244995697120805001869369363018346",
                    "293708376788149311609417406012135863954",
                    "327258160383603005483809425632661582506",
                    "56343303859143354793933813300540428855",
                    "131135266206520722474031088532788667154",
                    "5493353616448939519869009684941088031",
                    "45049474350052254756719987196789052441",
                    "88274969499027644251180773108184418088",
                    "57204115915690287317343124194591393122",
                    "284469956467439852042573287944626426431",
                    "314689793388748772055734985799726382011",
                    "267210685751736042111710391773821609614",
                    "205351096808621785534859802639652500189",
                    "285772887605958533196095561325800919840",
                    "135963675775985348069705498397289853113",
                    "288202052015251320261826441946127133867",
                    "22512927484845529532681295185427697643",
                    "140903394597233346857150811387877119775",
                    "41781843760178045791605672279243309175",
                    "76246416098828551605944206771692056909",
                    "263920852905688457994813570680689888486",
                    "98891984757393277123696473854642113141",
                    "153155518987714261481737742763148573053",
                    "281520962727711697557559818754322945419",
                    "288202052015251320261826441946127133867",
                    "54741355079235892885922210194529934371",
                    "199771992191373367224569934106046924445",
                    "234865100920296644133208515477195259408",
                    "82159467952166003691886266019717824227",
                    "80216440168408937156529975214497764380",
                    "141955731509497107809650649111507997325",
                    "293329643563244916490853577771195032766",
                    "282921795160099413306652792834317471065",
                    "296067656914956557896436859270587842581",
                    "263920852905688457994813570680689888486",
                    "60719843973179210197829763743732374612",
                    "184274700118356118367461631743293500211",
                    "207176100348851544311371383824058367522",
                    "314379419614051347549550848240962504644",
                    "230018724127693914271821594594137466825"
                ],
                "threshold": 0.9
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "file": "client/mysql_plugin.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-0546-27f7ef77",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "73891943593151358213422032752344223518",
                    "168712511212023742480567017728114030715",
                    "222198783439685612655374990209457187180",
                    "20815678513859381827721880298349609810",
                    "192955112799431037307843004021103121628",
                    "142066685936553446477080020433777977723",
                    "109674093844196818214646135589397179775",
                    "42149396837697724838858442332136488634",
                    "261831593571035571425115624574374831611",
                    "138857803593230021071506192251422317076",
                    "76109622932398532339338194885221370285",
                    "89412323738886720178031752751461693877",
                    "87199462426977201281802954937537151522"
                ],
                "threshold": 0.9
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "check_options",
                "file": "client/mysql_plugin.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-3c1e8d30",
            "signature_version": "v1",
            "digest": {
                "function_hash": "40031717984823606215885920308778638926",
                "length": 2152.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "file": "regex/main.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-0546-9bc78037",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "120034458996837607139036545264090008488",
                    "261819760152788058053391939023771727817",
                    "155336384241264798913288726703281770745",
                    "144962228401254038805861661625809618237",
                    "186589799639534450598942665773345584877",
                    "262515869095100730535126186794284169880",
                    "32423115792033555785876702963135831523",
                    "311146391181346884166972681655567734859",
                    "253522580443014335328946769267542361455",
                    "99767199885946639844893274574687410024",
                    "89318330933087194054696354505639073917",
                    "98372997690392234278370311479551861154",
                    "123099286317499139756571134658399977908",
                    "255698819501409231957363774187971994979",
                    "23266843351072734785356667089627431292",
                    "170578648277143222614544861216384636044",
                    "4789603042038510167545389419137954818",
                    "231849367014257376965448556555664375783",
                    "132663887429310532999975775010071345918",
                    "93670716486812408784732607256814304433",
                    "76222585344621066765504253603259857350",
                    "158561165254400645398412447071093526032",
                    "86474948632672573090682121814987411301",
                    "26183736241158358683689501114460512440"
                ],
                "threshold": 0.9
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "print_arrays_for",
                "file": "libmysql/conf_to_src.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-bf6ac509",
            "signature_version": "v1",
            "digest": {
                "function_hash": "301272186727860113189050655796002523205",
                "length": 679.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "list_tables",
                "file": "client/mysqlshow.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-cb08ea20",
            "signature_version": "v1",
            "digest": {
                "function_hash": "183198136284875103151071172925245243077",
                "length": 3205.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "file": "libmysql/conf_to_src.c"
            },
            "signature_type": "Line",
            "id": "CVE-2016-0546-d380aa27",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "64554873377195487275906630337907519676",
                    "119969744616979542806018356851144757028",
                    "99268476436296875437609430920217981491",
                    "130705257482029388804508630891721916380",
                    "199069277294699028399968103010735717056"
                ],
                "threshold": 0.9
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "list_dbs",
                "file": "client/mysqlshow.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-d493077a",
            "signature_version": "v1",
            "digest": {
                "function_hash": "71098886740152026246531609850510788514",
                "length": 2297.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "usage",
                "file": "client/mysql_plugin.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-d776ac6e",
            "signature_version": "v1",
            "digest": {
                "function_hash": "305087038746790944226107320728600575141",
                "length": 337.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "list_fields",
                "file": "client/mysqlshow.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-f79d0e53",
            "signature_version": "v1",
            "digest": {
                "function_hash": "183277213904360874665231044088063951206",
                "length": 1948.0
            }
        },
        {
            "deprecated": false,
            "source": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f",
            "target": {
                "function": "list_table_status",
                "file": "client/mysqlshow.c"
            },
            "signature_type": "Function",
            "id": "CVE-2016-0546-f8459ca1",
            "signature_version": "v1",
            "digest": {
                "function_hash": "114974499721027354426049427516131899493",
                "length": 933.0
            }
        }
    ]
}