CVE-2016-6664 – Oracle / MySQL – Race condition
CVE-2016-6664 is a race condition vulnerability impacting multiple versions of Oracle MySQL. An exploit was observed in open source and subsequently shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.
Summary:
CVE-2016-6664 is a race condition vulnerability impacting multiple versions of Oracle MySQL. An exploit was observed in open source and subsequently shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.
PoC Links(if available):
Exploit DB link –
https://www.exploit-db.com/exploits/40679
Known Counter Measures:
Oracle addressed the vulnerability in a critical patch update advisory with updated versions.
Links to patches(if available)
https://www.oracle.com/security-alerts/cpuoct2016.html