{"id":"CVE-2016-0666","details":"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.","modified":"2026-07-08T12:35:56.972100Z","published":"2016-04-21T10:59:30.743Z","related":["SUSE-SU-2016:1279-1","SUSE-SU-2016:1619-1","SUSE-SU-2016:1620-1","openSUSE-SU-2024:10200-1"],"database_specific":{"unresolved_ranges":[{"vendor_product":"debian:debian_linux","source":"CPE_STRING","extracted_events":[{"introduced":"8.0"},{"last_affected":"8.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]},{"vendor_product":"ibm:powerkvm","source":"CPE_STRING","extracted_events":[{"introduced":"2.1"},{"last_affected":"2.1"},{"introduced":"3.1"},{"last_affected":"3.1"}],"cpes":["cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:*"]},{"vendor_product":"opensuse:leap","source":"CPE_STRING","extracted_events":[{"introduced":"42.1"},{"last_affected":"42.1"}],"cpes":["cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"]},{"vendor_product":"oracle:linux","source":"CPE_STRING","extracted_events":[{"introduced":"7"},{"last_affected":"7"}],"cpes":["cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"]},{"vendor_product":"redhat:enterprise_linux","source":"CPE_STRING","extracted_events":[{"introduced":"6.0"},{"last_affected":"6.0"},{"introduced":"7.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0705.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1480.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1481.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1602.html"},{"type":"ADVISORY","url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3557"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3595"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/86509"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1035606"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2953-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2954-1"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1132"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"5a6300dcc45da2d6c2b046560da0580548354b93"},{"fixed":"e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69"},{"introduced":"776555af021e917ce0d6235386b43ae59fdd5161"},{"fixed":"c0238be6cfaaf17c7c3a6f3fc59937cc13cc00be"},{"introduced":"c235de12ae3723b96944337bd89ad9cc87f21d8f"},{"fixed":"ee0695b8072783d04b27328f974d94273b3fa248"}],"database_specific":{"source":"CPE_RANGE","extracted_events":[{"introduced":"5.5.20"},{"fixed":"5.5.49"},{"introduced":"10.0.0"},{"fixed":"10.0.25"},{"introduced":"10.1.0"},{"fixed":"10.1.14"}],"cpe":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"}}],"versions":["mariadb-10.1.13","mariadb-10.1.12","mariadb-10.1.11","mariadb-10.1.10","mariadb-10.1.9","mariadb-10.1.8","mariadb-10.1.7","mariadb-10.1.6","mariadb-10.1.5","mariadb-10.1.4","mariadb-10.1.3","mariadb-10.1.2","mariadb-10.1.0"],"database_specific":{"vanir_signatures_modified":"2026-07-08T12:35:56Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0666.json","vanir_signatures":[{"signature_version":"v1","target":{"file":"extra/yassl/taocrypt/include/asn.hpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-2682245b","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["328989789902264073105121061630412099552","113226449832742612457907525761418099578","3574268165857188010827246450020936726","256024421303372279615573161997334143955","24381003380136022118873075175408425078","169637781681132709185321462432072643703","157075832564591690505815115672437338718","79738385756851413932132919073172844243"],"threshold":0.9}},{"signature_version":"v1","target":{"function":"CertDecoder::CertDecoder","file":"extra/yassl/taocrypt/src/asn.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-62a4fb8d","deprecated":false,"signature_type":"Function","digest":{"function_hash":"84275643727078484617033832623427531850","length":310}},{"signature_version":"v1","target":{"function":"CertManager::Validate","file":"extra/yassl/src/cert_wrapper.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-728de7ee","deprecated":false,"signature_type":"Function","digest":{"function_hash":"167463775338451700908322937717006190459","length":1712}},{"signature_version":"v1","target":{"function":"X509_NAME::X509_NAME","file":"extra/yassl/src/yassl_int.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-86543b13","deprecated":false,"signature_type":"Function","digest":{"function_hash":"271021307451713760989459661087859249867","length":198}},{"signature_version":"v1","target":{"function":"SSL_SESSION::CopyX509","file":"extra/yassl/src/yassl_int.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-90892928","deprecated":false,"signature_type":"Function","digest":{"function_hash":"328709498410265840796879386376762744585","length":446}},{"signature_version":"v1","target":{"file":"extra/yassl/testsuite/test.hpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-9ba31f1c","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["38888561071553782601497217870487296406","84630106213376539451783977885300350","126873917473392384404025904920480303267","289469507619928486694709845281643330112","161888496435859381343451923301229701268","193907191833464268618595565791894261019","301154113693461807935536702603114992455"],"threshold":0.9}},{"signature_version":"v1","target":{"file":"extra/yassl/include/yassl_int.hpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-9fe8170c","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["197676009365587550327544010096750809384","314940809980753828848783963225307749027","302734122978458677552155764040696891768","267110121444471672465268460044649953833","245102166208011813528119248589723473864","299053424134247118890077777126455034544","8171099089091038527887401362974341294","96688523906906507151564659160083122450","196941056280297493524084236661494948405","96437588204849755191236371882039889927","40793978437740086607064551101259185780","298338702324467118272975565189642623433","134442357808225387562236697971928957334","137151124011183786622956729798563364320","235970099255474533973573550653151028787"],"threshold":0.9}},{"signature_version":"v1","target":{"file":"extra/yassl/src/cert_wrapper.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-aaac2f9e","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["115937134762707342620900220190617838770","191777410853952707717371150265731110878","230559820896096789113093095887683112355","340132970365716037207863197366747015004","192203953599706866930858264990409834751","335084834680075071463060046330911643124","248989000053315722845574704130845032843","224427207711222579328297629895090376047"],"threshold":0.9}},{"signature_version":"v1","target":{"function":"CertManager::setPeerX509","file":"extra/yassl/src/cert_wrapper.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-ab04c6ed","deprecated":false,"signature_type":"Function","digest":{"function_hash":"258499531445180797406889695706151720762","length":449}},{"signature_version":"v1","target":{"file":"extra/yassl/src/ssl.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-ac437cb2","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["89880174685555393287789502483324256712","115805482583513444906159117756029482431","8380791449735680843426398503455966188","332040867410817621730468160608364043163","323135279895813047828312530166225685818","274158098018355611255930835363257318785","203456512712712940938422729603369118857","288275627649541686001805175881881304170","293718237998797735582895887301126882496","337073332161807197369532953483253679675","55723517845916282074728728958983286004"],"threshold":0.9}},{"signature_version":"v1","target":{"function":"X509_NAME_get_index_by_NID","file":"extra/yassl/src/ssl.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-acc69a69","deprecated":false,"signature_type":"Function","digest":{"function_hash":"31745880026361593054873911460947510829","length":309}},{"signature_version":"v1","target":{"function":"showPeer","file":"extra/yassl/testsuite/test.hpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-ad5bd6fb","deprecated":false,"signature_type":"Function","digest":{"function_hash":"23188152673892202387393630634900983674","length":358}},{"signature_version":"v1","target":{"function":"X509_NAME::GetEntry","file":"extra/yassl/src/yassl_int.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-b07f25a1","deprecated":false,"signature_type":"Function","digest":{"function_hash":"336412826170946265438186393621591155399","length":464}},{"signature_version":"v1","target":{"function":"X509::X509","file":"extra/yassl/src/yassl_int.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-ca8c0ce8","deprecated":false,"signature_type":"Function","digest":{"function_hash":"262389965711401415449304632826999710791","length":282}},{"signature_version":"v1","target":{"file":"extra/yassl/taocrypt/src/asn.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-e9795d06","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["45725143492301185293449315779667149850","310052851053072881712361048698141642299","296436757348388768923463758269842448031","173611470122246371348441785265481646045","40516398055507048464363498871023472627","192467063586620192734617425788441006471","161668190576412136651550215827899966397","332028413135809880679059706752852236996","340013176742164718874769220079050629323"],"threshold":0.9}},{"signature_version":"v1","target":{"file":"extra/yassl/src/yassl_int.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-e97dd1e4","deprecated":false,"signature_type":"Line","digest":{"line_hashes":["192203953599706866930858264990409834751","335084834680075071463060046330911643124","180711112930894200225363551220949114109","314161287644899398066458886519357039581","139777218675763736943322847753660642224","324465363473437865236249591444351188374","257726177045510299031194402727514190155","257110211407308225341523704485011355471","143002162565023789210044919980376504313","239900352708880861797375541566892395744","152509694225800512776662310570109639942","119626593393767768515842304318340383778","30631714303512873200844902916725540027","330744342064730336789161753695318488254","292703688519468536111275548166335914813","297312509248695775690590540102266626807","183883886712552607375104059636567150310","122514278822269368105509471297572449237","148439279788413922044362573854029843627","112772780973672365382117392311885332453","27826086941401304568981431107298627473","184282094108583728476861885967205427738","48421224335455267776238078862594502500","99251990077953032241631696841085244854","218342949418937748904740895263837262534","321856142199616446243721837550871281435","135461715089527967111512171410150117650"],"threshold":0.9}},{"signature_version":"v1","target":{"function":"CertDecoder::GetName","file":"extra/yassl/taocrypt/src/asn.cpp"},"source":"https://github.com/mariadb/server/commit/e7061f7e5a96c66cb2e0bf46bec7f6ff35801a69","id":"CVE-2016-0666-f758bb4c","deprecated":false,"signature_type":"Function","digest":{"function_hash":"189313815349090713973326517028888258298","length":2378}}]}},{"ranges":[{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"54df0057e18d8c82c23fbd4e0bf5b5dc2e762955"},{"last_affected":"93a6142dd0c0c8b2e0683e4d57082582eac91fdb"},{"introduced":"0"},{"last_affected":"aed32a928b782859cccb545ad54f66a340356651"},{"last_affected":"67d52e7c7a1a23424e39273cbb6f5f9d56fda8d1"}],"database_specific":{"source":"CPE_RANGE","extracted_events":[{"introduced":"5.5.0"},{"last_affected":"5.5.48"},{"introduced":"5.6.0"},{"last_affected":"5.6.29"},{"introduced":"5.7.0"},{"last_affected":"5.7.11"}],"cpe":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"}}],"versions":["mysql-5.5.48","mysql-5.6.29","mysql-5.7.11","mysql-5.5.47","mysql-5.5.44","mysql-5.5.27","mysql-5.5.25","mysql-5.5.23","mysql-5.5.19","mysql-5.5.15","mysql-5.1.4","mysql-4.0.4","mysql-4.0.2","mysql-3.23.36","mysql-3.23.33","mysql-3.23.32","mysql-3.23.31","mysql-3.23.30-gamma","mysql-3.23.28-gamma","mysql-3.23.22-beta"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0666.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}