8.1

CVE-2016-1251

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.

Data is provided by the National Vulnerability Database (NVD)
Dbd-mysql ProjectDbd-mysql Version3.0000_0
Dbd-mysql ProjectDbd-mysql Version3.0001_1
Dbd-mysql ProjectDbd-mysql Version3.0001_2
Dbd-mysql ProjectDbd-mysql Version3.0001_3
Dbd-mysql ProjectDbd-mysql Version3.0002_1
Dbd-mysql ProjectDbd-mysql Version3.0002_2
Dbd-mysql ProjectDbd-mysql Version3.0002_3
Dbd-mysql ProjectDbd-mysql Version3.0002_4
Dbd-mysql ProjectDbd-mysql Version3.0002_5
Dbd-mysql ProjectDbd-mysql Version3.0003_1
Dbd-mysql ProjectDbd-mysql Version3.0004_1
Dbd-mysql ProjectDbd-mysql Version3.0005
Dbd-mysql ProjectDbd-mysql Version3.0005_1
Dbd-mysql ProjectDbd-mysql Version3.0007_2
Dbd-mysql ProjectDbd-mysql Version3.0008_1
Dbd-mysql ProjectDbd-mysql Version3.0009_1
Dbd-mysql ProjectDbd-mysql Version4.00
Dbd-mysql ProjectDbd-mysql Version4.001
Dbd-mysql ProjectDbd-mysql Version4.002
Dbd-mysql ProjectDbd-mysql Version4.003
Dbd-mysql ProjectDbd-mysql Version4.004
Dbd-mysql ProjectDbd-mysql Version4.005
Dbd-mysql ProjectDbd-mysql Version4.006
Dbd-mysql ProjectDbd-mysql Version4.007
Dbd-mysql ProjectDbd-mysql Version4.008
Dbd-mysql ProjectDbd-mysql Version4.009
Dbd-mysql ProjectDbd-mysql Version4.010
Dbd-mysql ProjectDbd-mysql Version4.011
Dbd-mysql ProjectDbd-mysql Version4.012
Dbd-mysql ProjectDbd-mysql Version4.013
Dbd-mysql ProjectDbd-mysql Version4.014
Dbd-mysql ProjectDbd-mysql Version4.015
Dbd-mysql ProjectDbd-mysql Version4.016
Dbd-mysql ProjectDbd-mysql Version4.017
Dbd-mysql ProjectDbd-mysql Version4.018
Dbd-mysql ProjectDbd-mysql Version4.019
Dbd-mysql ProjectDbd-mysql Version4.020
Dbd-mysql ProjectDbd-mysql Version4.021
Dbd-mysql ProjectDbd-mysql Version4.022
Dbd-mysql ProjectDbd-mysql Version4.023
Dbd-mysql ProjectDbd-mysql Version4.024
Dbd-mysql ProjectDbd-mysql Version4.025
Dbd-mysql ProjectDbd-mysql Version4.026
Dbd-mysql ProjectDbd-mysql Version4.027
Dbd-mysql ProjectDbd-mysql Version4.028
Dbd-mysql ProjectDbd-mysql Version4.029
Dbd-mysql ProjectDbd-mysql Version4.030_01
Dbd-mysql ProjectDbd-mysql Version4.030_02
Dbd-mysql ProjectDbd-mysql Version4.031
Dbd-mysql ProjectDbd-mysql Version4.032
Dbd-mysql ProjectDbd-mysql Version4.032_01
Dbd-mysql ProjectDbd-mysql Version4.032_02
Dbd-mysql ProjectDbd-mysql Version4.032_03
Dbd-mysql ProjectDbd-mysql Version4.033
Dbd-mysql ProjectDbd-mysql Version4.033_01
Dbd-mysql ProjectDbd-mysql Version4.033_02
Dbd-mysql ProjectDbd-mysql Version4.033_03
Dbd-mysql ProjectDbd-mysql Version4.034
Dbd-mysql ProjectDbd-mysql Version4.035
Dbd-mysql ProjectDbd-mysql Version4.035_01
Dbd-mysql ProjectDbd-mysql Version4.035_02
Dbd-mysql ProjectDbd-mysql Version4.035_03
Dbd-mysql ProjectDbd-mysql Version4.036
Dbd-mysql ProjectDbd-mysql Version4.037
Dbd-mysql ProjectDbd-mysql Version4.037_01
Dbd-mysql ProjectDbd-mysql Version4.038
Dbd-mysql ProjectDbd-mysql Version4.038_01
Dbd-mysql ProjectDbd-mysql Version4.039
Dbd-mysql ProjectDbd-mysql Version4.040
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.51% 0.655
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.