{"id":"CVE-2016-3471","details":"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.","modified":"2026-02-24T01:17:22.510346Z","published":"2016-07-21T10:12:25.117Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0534.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0705.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1480.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1481.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/91787"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/91913"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036362"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1132"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"5bfe1a3917ee1bddc7f2cde0c88961875148873c"},{"fixed":"b9768521bdeb1a8069c7b871f4536792b65fd79b"},{"introduced":"776555af021e917ce0d6235386b43ae59fdd5161"},{"fixed":"d775ecdd010daad4dc6147fba58acd006bf2c60c"},{"introduced":"b11c4651917bd4472ea8837c64e6d1072a2a19e9"},{"fixed":"370a2cbe96e026fdb8966d8e58e7c93f75597cb8"}]}],"database_specific":{"vanir_signatures":[{"signature_type":"Function","digest":{"length":1279,"function_hash":"272044820098228092970937818851523802945"},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-5c63033b","deprecated":false,"target":{"function":"CertificateVerify::Build","file":"extra/yassl/src/yassl_imp.cpp"}},{"signature_type":"Function","digest":{"length":4731,"function_hash":"315503665402952802675592496886709669772"},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-7005bf51","deprecated":false,"target":{"function":"SetErrorString","file":"extra/yassl/src/yassl_error.cpp"}},{"signature_type":"Function","digest":{"length":2559,"function_hash":"46975870005828366040638209346810365877"},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-8c3171f1","deprecated":false,"target":{"function":"DH_Server::build","file":"extra/yassl/src/yassl_imp.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["57248392826115285220715661389409750131","119661056949224539051154886786283811515","101696571178136960950076477160822307085"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-8d5793e4","deprecated":false,"target":{"file":"extra/yassl/src/yassl_error.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["318191172539277246755459617926955744505","254541478843544755662381547845904652300","54611158850969751301851086590952628930","302163634400636825149017150007684831665","189998908723996230938131694619656807943","116866421171719334797154527726827554745","63002157905645375881709121950844844710","213730524434689387980355047141216967259","171851186081481727127885226401230028656","111686806875080769917645340067285185153"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-bda7a2dd","deprecated":false,"target":{"file":"extra/yassl/src/yassl_imp.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["53228238731089417596214118720962938977","277402405450698143280666152936637809078","144031700655018854448410967691007543222","67642837746220755452538215699521074013"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-cbe2a036","deprecated":false,"target":{"file":"extra/yassl/include/yassl_error.hpp"}},{"signature_type":"Function","digest":{"length":511,"function_hash":"65883879829300206530716652549419963265"},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-e6670ae9","deprecated":false,"target":{"function":"sendCertificateVerify","file":"extra/yassl/src/handshake.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["206466407836171049544989872457880780103","300898926962521654039968805530655777728","53859862795470716343051009615782488068","96932451662644561594274820598624521910"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-f20a4f0f","deprecated":false,"target":{"file":"extra/yassl/src/handshake.cpp"}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3471.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"54df0057e18d8c82c23fbd4e0bf5b5dc2e762955"},{"fixed":"b9768521bdeb1a8069c7b871f4536792b65fd79b"}]}],"versions":["mysql-5.0.87sp1","mysql-5.0.90","mysql-5.0.91","mysql-5.0.92","mysql-5.0.93","mysql-5.0.94","mysql-5.0.95","mysql-5.0.96","mysql-5.1.40sp1","mysql-5.1.41","mysql-5.1.42","mysql-5.1.43","mysql-5.1.43sp1","mysql-5.1.44","mysql-5.1.45","mysql-5.1.46","mysql-5.1.46sp1","mysql-5.1.47","mysql-5.1.48","mysql-5.1.49","mysql-5.1.49sp1","mysql-5.1.50","mysql-5.1.51","mysql-5.1.52","mysql-5.1.52sp1","mysql-5.1.53","mysql-5.1.54","mysql-5.1.55","mysql-5.1.56","mysql-5.1.57","mysql-5.1.58","mysql-5.1.59","mysql-5.1.60","mysql-5.1.61","mysql-5.1.62","mysql-5.1.63","mysql-5.1.65","mysql-5.1.66","mysql-5.1.67","mysql-5.1.68","mysql-5.1.69","mysql-5.1.69-retag","mysql-5.1.70","mysql-5.1.71","mysql-5.1.72","mysql-5.1.73","mysql-5.1.74","mysql-5.1.75","mysql-5.1.76","mysql-5.1.77","mysql-5.5.0","mysql-5.5.1-m2","mysql-5.5.10","mysql-5.5.11","mysql-5.5.12","mysql-5.5.13","mysql-5.5.14","mysql-5.5.15","mysql-5.5.16","mysql-5.5.17","mysql-5.5.18","mysql-5.5.19","mysql-5.5.2-m2","mysql-5.5.20","mysql-5.5.21","mysql-5.5.22","mysql-5.5.23","mysql-5.5.24","mysql-5.5.25","mysql-5.5.25a","mysql-5.5.27","mysql-5.5.28","mysql-5.5.29","mysql-5.5.3-m3","mysql-5.5.30","mysql-5.5.31","mysql-5.5.32","mysql-5.5.33","mysql-5.5.34","mysql-5.5.35","mysql-5.5.36","mysql-5.5.37","mysql-5.5.38","mysql-5.5.39","mysql-5.5.40","mysql-5.5.41","mysql-5.5.42","mysql-5.5.43","mysql-5.5.44","mysql-5.5.45","mysql-5.5.5-m3","mysql-5.5.6-rc","mysql-5.5.7","mysql-5.5.8","mysql-5.5.9"],"database_specific":{"vanir_signatures":[{"signature_type":"Line","digest":{"line_hashes":["53228238731089417596214118720962938977","277402405450698143280666152936637809078","144031700655018854448410967691007543222","67642837746220755452538215699521074013"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-2e169b41","deprecated":false,"target":{"file":"extra/yassl/include/yassl_error.hpp"}},{"signature_type":"Function","digest":{"length":4731,"function_hash":"315503665402952802675592496886709669772"},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-3708afeb","deprecated":false,"target":{"function":"SetErrorString","file":"extra/yassl/src/yassl_error.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["57248392826115285220715661389409750131","119661056949224539051154886786283811515","101696571178136960950076477160822307085"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-464feddf","deprecated":false,"target":{"file":"extra/yassl/src/yassl_error.cpp"}},{"signature_type":"Function","digest":{"length":511,"function_hash":"65883879829300206530716652549419963265"},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-47119c80","deprecated":false,"target":{"function":"sendCertificateVerify","file":"extra/yassl/src/handshake.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["206466407836171049544989872457880780103","300898926962521654039968805530655777728","53859862795470716343051009615782488068","96932451662644561594274820598624521910"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-711c1e15","deprecated":false,"target":{"file":"extra/yassl/src/handshake.cpp"}},{"signature_type":"Line","digest":{"line_hashes":["318191172539277246755459617926955744505","254541478843544755662381547845904652300","54611158850969751301851086590952628930","302163634400636825149017150007684831665","189998908723996230938131694619656807943","116866421171719334797154527726827554745","63002157905645375881709121950844844710","213730524434689387980355047141216967259","171851186081481727127885226401230028656","111686806875080769917645340067285185153"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-93adb102","deprecated":false,"target":{"file":"extra/yassl/src/yassl_imp.cpp"}},{"signature_type":"Function","digest":{"length":2559,"function_hash":"46975870005828366040638209346810365877"},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-c6f15d99","deprecated":false,"target":{"function":"DH_Server::build","file":"extra/yassl/src/yassl_imp.cpp"}},{"signature_type":"Function","digest":{"length":1279,"function_hash":"272044820098228092970937818851523802945"},"signature_version":"v1","source":"https://github.com/mysql/mysql-server/commit/b9768521bdeb1a8069c7b871f4536792b65fd79b","id":"CVE-2016-3471-f8130068","deprecated":false,"target":{"function":"CertificateVerify::Build","file":"extra/yassl/src/yassl_imp.cpp"}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3471.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}]}