Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
{ "vanir_signatures": [ { "id": "CVE-2017-3309-017750b4", "digest": { "length": 595.0, "function_hash": "42526495682318897469202677931179336455" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "init_dumping" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-0778ee24", "digest": { "length": 10937.0, "function_hash": "227475061533329738085031105100031106996" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "get_table_structure" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-0b2a382b", "digest": { "length": 3056.0, "function_hash": "283872701544742768257779130745336628180" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_events_for_db" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-0deb9fd5", "digest": { "length": 1749.0, "function_hash": "61031449315181416583737506107960987338" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "write_header" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-230fc291", "digest": { "threshold": 0.9, "line_hashes": [ "287840253208859831013181147116206525376", "324136547317919813359352064277236333715", "282430677639818099929617913825166653421", "147139391803266763314761740611417390198", "258802801894329452504020721432820698677", "91138205289354102969073748767653790743", "233493404795263154842363746119238816673", "309355098527796234463986548578076187884", "246521560388497353004885266086561128681", "65595240965851819816944346960684994155", "321094355807444156552637940556050534243", "173566830439109051968149803806679781001", "199290765851492278749490509745647329182", "45989153402127012733139951888311868178", "114416289830545276075284455762878229460", "277119867620039162696505662519865168492", "1406835726190704947481628521158899781", "174614877685627249914600596442902313165", "99127866680226208064705749248054614695", "39471861491129910410498619482011041391", "281380462612982588805056671783939902254", "276555443743869160836284840037473276887", "63704244798856370080746536556622922021", "196970177491568200692872190131374048986", "211909851172610884740259624997676708138", "24854640261605884487014526616906487662", "206025079568806760122742316187267806127", "311871759366108697833006663439889249742", "221096165144546299147742464005478717924", "105220650397672059064628403102505049061", "18628631760629166584977079678764798872", "119656696777604396040253590625706193749", "221096165144546299147742464005478717924", "168602443676074510547085005830811337443", "114424463055898619066660915433101962969", "153916697495976485808117997579764618991", "180695665933106799821938816193290640991", "317750465811503273914953924986043255767", "299148576020784136739117619416196108572", "118157318188170081201040706357790495674", "41102378010887911272271175550789649896", "149518576500014602976768066358926314484", "54189500566898801091712575313356035066", "44002167410011708810019578410179393524", "203679880670483351499138583783885028443", "270476162896496040883649640857060526904", "204451005490097465986732821480961200936", "223608088947237646770529443703107663724", "250724728853505500189006708705469851241", "97779087057840683929947270035268598704", "332940999390577626529849682776968183891", "171433106859136870351199048718637400189", "260127954252147593913051498861828999833", "292556811704801901721130727931310806132", "315481399744044133717527275946904624115", "144450971157728465792195077319518344721", "138134974382930509413378452785541640177", "93139083326288700668774484888006665665" ] }, "signature_version": "v1", "target": { "file": "client/mysqldump.c" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-3566e59d", "digest": { "length": 9653.0, "function_hash": "273064814930547228481748278923107127025" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_table" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-3d5cc0a7", "digest": { "length": 1749.0, "function_hash": "61031449315181416583737506107960987338" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "write_header" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-3dd1fd8a", "digest": { "length": 595.0, "function_hash": "42526495682318897469202677931179336455" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "init_dumping" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-573a3d7b", "digest": { "length": 3068.0, "function_hash": "229205966501763571287196631931031338507" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_routines_for_db" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-77a2b85b", "digest": { "length": 3068.0, "function_hash": "229205966501763571287196631931031338507" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_routines_for_db" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-7c5b056e", "digest": { "length": 3056.0, "function_hash": "283872701544742768257779130745336628180" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_events_for_db" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-89d625e9", "digest": { "length": 4417.0, "function_hash": "52340132320564584267245206336274565455" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "get_view_structure" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-923416e2", "digest": { "length": 9653.0, "function_hash": "273064814930547228481748278923107127025" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "dump_table" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-ba0ccb33", "digest": { "threshold": 0.9, "line_hashes": [ "287840253208859831013181147116206525376", "324136547317919813359352064277236333715", "282430677639818099929617913825166653421", "147139391803266763314761740611417390198", "258802801894329452504020721432820698677", "91138205289354102969073748767653790743", "233493404795263154842363746119238816673", "309355098527796234463986548578076187884", "246521560388497353004885266086561128681", "65595240965851819816944346960684994155", "321094355807444156552637940556050534243", "173566830439109051968149803806679781001", "199290765851492278749490509745647329182", "45989153402127012733139951888311868178", "114416289830545276075284455762878229460", "277119867620039162696505662519865168492", "1406835726190704947481628521158899781", "174614877685627249914600596442902313165", "99127866680226208064705749248054614695", "39471861491129910410498619482011041391", "281380462612982588805056671783939902254", "276555443743869160836284840037473276887", "63704244798856370080746536556622922021", "196970177491568200692872190131374048986", "211909851172610884740259624997676708138", "24854640261605884487014526616906487662", "206025079568806760122742316187267806127", "311871759366108697833006663439889249742", "221096165144546299147742464005478717924", "105220650397672059064628403102505049061", "18628631760629166584977079678764798872", "119656696777604396040253590625706193749", "221096165144546299147742464005478717924", "168602443676074510547085005830811337443", "114424463055898619066660915433101962969", "153916697495976485808117997579764618991", "180695665933106799821938816193290640991", "317750465811503273914953924986043255767", "299148576020784136739117619416196108572", "118157318188170081201040706357790495674", "41102378010887911272271175550789649896", "149518576500014602976768066358926314484", "54189500566898801091712575313356035066", "44002167410011708810019578410179393524", "203679880670483351499138583783885028443", "270476162896496040883649640857060526904", "204451005490097465986732821480961200936", "223608088947237646770529443703107663724", "250724728853505500189006708705469851241", "97779087057840683929947270035268598704", "332940999390577626529849682776968183891", "171433106859136870351199048718637400189", "260127954252147593913051498861828999833", "292556811704801901721130727931310806132", "315481399744044133717527275946904624115", "144450971157728465792195077319518344721", "138134974382930509413378452785541640177", "93139083326288700668774484888006665665" ] }, "signature_version": "v1", "target": { "file": "client/mysqldump.c" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-be381038", "digest": { "length": 4417.0, "function_hash": "52340132320564584267245206336274565455" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "get_view_structure" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" }, { "id": "CVE-2017-3309-d56a3b4a", "digest": { "length": 10937.0, "function_hash": "227475061533329738085031105100031106996" }, "signature_version": "v1", "target": { "file": "client/mysqldump.c", "function": "get_table_structure" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9" } ] }