U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2013-1861

Change History

Modified Analysis by NIST 8/04/2022 3:56:04 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.5.29:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 5.5.0 up to (excluding) 5.5.32
     *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (excluding) 10.0.4
Changed CPE Configuration
OR
     *cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.2.14:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from (including) 5.1.0 up to (including) 5.1.69
     *cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from (including) 5.5.0 up to (including) 5.5.31
     *cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from (including) 5.6.0 up to (including) 5.6.11
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 5.5.0 up to (excluding) 5.5.32
     *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (excluding) 10.0.4
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
     *cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
Removed CPE Configuration
OR
     *cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.1.67:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*
     *cpe:2.3:a:mariadb:mariadb:5.3.12:*:*:*:*:*:*:*

								
						
Changed Reference Type
http://lists.askmonty.org/pipermail/commits/2013-March/004371.html No Types Assigned
http://lists.askmonty.org/pipermail/commits/2013-March/004371.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html Mailing List, Third Party Advisory
Changed Reference Type
http://seclists.org/oss-sec/2013/q1/671 No Types Assigned
http://seclists.org/oss-sec/2013/q1/671 Mailing List, Third Party Advisory
Changed Reference Type
http://secunia.com/advisories/52639 Vendor Advisory
http://secunia.com/advisories/52639 Not Applicable
Changed Reference Type
http://secunia.com/advisories/54300 No Types Assigned
http://secunia.com/advisories/54300 Not Applicable
Changed Reference Type
http://security.gentoo.org/glsa/glsa-201409-04.xml No Types Assigned
http://security.gentoo.org/glsa/glsa-201409-04.xml Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2013/dsa-2818 No Types Assigned
http://www.debian.org/security/2013/dsa-2818 Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html Third Party Advisory
Changed Reference Type
http://www.osvdb.org/91415 No Types Assigned
http://www.osvdb.org/91415 Broken Link
Changed Reference Type
http://www.securityfocus.com/bid/58511 Exploit
http://www.securityfocus.com/bid/58511 Exploit, Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/USN-1909-1 No Types Assigned
http://www.ubuntu.com/usn/USN-1909-1 Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=919247 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=919247 Issue Tracking, Third Party Advisory
Changed Reference Type
https://exchange.xforce.ibmcloud.com/vulnerabilities/82895 No Types Assigned
https://exchange.xforce.ibmcloud.com/vulnerabilities/82895 Third Party Advisory, VDB Entry
Changed Reference Type
https://mariadb.atlassian.net/browse/MDEV-4252 No Types Assigned
https://mariadb.atlassian.net/browse/MDEV-4252 Broken Link
Removed Evaluator Impact
Per https://access.redhat.com/security/cve/CVE-2013-1861
"This issue affects the version of mysql as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw."