{
  "threat_severity" : "Low",
  "public_date" : "2013-07-17T00:00:00Z",
  "bugzilla" : {
    "description" : "mysql: unspecified DoS related to Server Optimizer (CPU July 2013)",
    "id" : "985687",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=985687"
  },
  "cvss" : {
    "cvss_base_score" : "3.5",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:S/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer." ],
  "statement" : "This issue was addressed in the package mysql55-mysql as shipped with Red Hat Enterprise Linux 5 via RHEA-2013:1330. This issue was addressed in the package mysql as shipped with Red Hat Enterprise Linux 6 via RHBA-2013:1647.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-11-20T00:00:00Z",
    "advisory" : "RHBA-2013:1647",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "mysql-0:5.1.71-1.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Under investigation",
    "package_name" : "mysql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Affected",
    "package_name" : "mysql51-mysql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-3804\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-3804\nhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html#AppendixMSQL" ],
  "name" : "CVE-2013-3804",
  "csaw" : false
}