Search...

CVE-2012-1690

2012-05-03T18:55:02

ID CVE-2012-1690
Type cve
Reporter NVD
Modified 2017-12-06T21:29:11

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.

JSON Vulners Source

Initial Source

{"id": "CVE-2012-1690", "bulletinFamily": "NVD", "title": "CVE-2012-1690", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.", "published": "2012-05-03T18:55:02", "modified": "2017-12-06T21:29:11", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "reporter": "NVD", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securitytracker.com/id?1026934", "http://www.securityfocus.com/bid/53074"], "cvelist": ["CVE-2012-1690"], "type": "cve", "lastseen": "2017-12-07T12:34:06", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "cvelist": ["CVE-2012-1690"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.", "edition": 2, "enchantments": {}, "hash": "ebaf9009542a4bac375bfb7be15fc735332603768259271e9a3ace2560ec1190", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a01a7b9bc23559e12abe544130658da8", "key": "cvelist"}, {"hash": "d5876ab54be3ea97df067db91295712f", "key": "modified"}, {"hash": "273a0cfef512556a89d9d2d6d4092cb7", "key": "href"}, {"hash": "7dd98ddd3b39c629315590ce4291a98f", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "45aed28972c76ea303e73448b23d0a7a", "key": "description"}, {"hash": "0896bb452cd363302f503157a94a17b6", "key": "title"}, {"hash": "58572bce3ce694426f9b3b8f1167a734", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "dd12e4b9f978bfbab06061612944618f", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "id": "CVE-2012-1690", "lastseen": "2017-04-18T15:53:20", "modified": "2016-11-21T22:00:36", "objectVersion": "1.2", "published": "2012-05-03T18:55:02", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securityfocus.com/bid/53074"], "reporter": "NVD", "scanner": [], "title": "CVE-2012-1690", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:53:20"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "cvelist": ["CVE-2012-1690"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.", "edition": 1, "hash": "cceb28dd335508cfc7fa2772d69aabb1373b35751ae2ee2b20a83b8be011aa0e", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a01a7b9bc23559e12abe544130658da8", "key": "cvelist"}, {"hash": "273a0cfef512556a89d9d2d6d4092cb7", "key": "href"}, {"hash": "783a27b3a225036e05b36e92b65665b6", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "7dd98ddd3b39c629315590ce4291a98f", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "0896bb452cd363302f503157a94a17b6", "key": "title"}, {"hash": "58572bce3ce694426f9b3b8f1167a734", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f66e2ccac788ae042f3b852b7c102054", "key": "description"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "dd12e4b9f978bfbab06061612944618f", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "id": "CVE-2012-1690", "lastseen": "2016-09-03T16:26:48", "modified": "2014-02-20T23:50:00", "objectVersion": "1.2", "published": "2012-05-03T18:55:02", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securityfocus.com/bid/53074"], "reporter": "NVD", "scanner": [], "title": "CVE-2012-1690", "type": "cve", "viewCount": 0}, "differentElements": ["description", "modified"], "edition": 1, "lastseen": "2016-09-03T16:26:48"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "7dd98ddd3b39c629315590ce4291a98f"}, {"key": "cvelist", "hash": "a01a7b9bc23559e12abe544130658da8"}, {"key": "cvss", "hash": "3acd5c52298d52c7e188feeb289548b8"}, {"key": "description", "hash": "45aed28972c76ea303e73448b23d0a7a"}, {"key": "href", "hash": "273a0cfef512556a89d9d2d6d4092cb7"}, {"key": "modified", "hash": "d88121df9d3cde2dd481d4aa554ba47e"}, {"key": "published", "hash": "58572bce3ce694426f9b3b8f1167a734"}, {"key": "references", "hash": "3ae4abf335c9087a6dc82013e5f63f73"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "0896bb452cd363302f503157a94a17b6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "6b867a47dcfd559d3a669ecd242c24f8c931b92f0203a9e4524113e4dd0a950f", "viewCount": 1, "enchantments": {"vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"result": {"openvas": [{"id": "OPENVAS:1361412562310812180", "type": "openvas", "title": "MySQL Server Components Multiple Unspecified Vulnerabilities", "description": "The host is running MySQL and is prone\n to multiple unspecified vulnerabilities.", "published": "2017-11-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812180", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703"], "lastseen": "2018-05-29T15:06:20"}, {"id": "OPENVAS:1361412562310803808", "type": "openvas", "title": "MySQL Server Components Multiple Unspecified Vulnerabilities", "description": "The host is running MySQL and is prone to multiple unspecified\n vulnerabilities.", "published": "2013-06-04T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803808", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703"], "lastseen": "2018-05-29T14:43:24"}, {"id": "OPENVAS:71475", "type": "openvas", "title": "Debian Security Advisory DSA 2496-1 (mysql-5.1)", "description": "The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.", "published": "2012-08-10T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=71475", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2122"], "lastseen": "2017-07-24T12:50:39"}, {"id": "OPENVAS:136141256231071475", "type": "openvas", "title": "Debian Security Advisory DSA 2496-1 (mysql-5.1)", "description": "The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.", "published": "2012-08-10T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071475", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2122"], "lastseen": "2018-04-06T11:17:35"}, {"id": "OPENVAS:870861", "type": "openvas", "title": "RedHat Update for mysql RHSA-2012:1462-01", "description": "Check for the Version of mysql", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870861", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2018-01-03T10:56:29"}, {"id": "OPENVAS:881538", "type": "openvas", "title": "CentOS Update for mysql CESA-2012:1462 centos6 ", "description": "Check for the Version of mysql", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881538", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2018-01-08T12:56:48"}, {"id": "OPENVAS:1361412562310881538", "type": "openvas", "title": "CentOS Update for mysql CESA-2012:1462 centos6 ", "description": "Check for the Version of mysql", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881538", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2018-04-06T11:17:13"}, {"id": "OPENVAS:1361412562310870861", "type": "openvas", "title": "RedHat Update for mysql RHSA-2012:1462-01", "description": "Check for the Version of mysql", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870861", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2018-04-06T11:16:25"}, {"id": "OPENVAS:1361412562310123778", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1462", "description": "Oracle Linux Local Security Checks ELSA-2012-1462", "published": "2015-10-06T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123778", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2017-07-24T12:52:49"}, {"id": "OPENVAS:1361412562310121014", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201308-06", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201308-06", "published": "2015-09-29T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121014", "cvelist": ["CVE-2012-5627", "CVE-2012-0583", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2013-2395", "CVE-2012-3160", "CVE-2013-1521", "CVE-2012-0075", "CVE-2012-0489", "CVE-2013-1567", "CVE-2013-1623", "CVE-2013-0385", "CVE-2013-1532", "CVE-2013-2392", "CVE-2013-0371", "CVE-2012-5614", "CVE-2013-1526", "CVE-2012-1697", "CVE-2013-1544", "CVE-2013-1492", "CVE-2012-0112", "CVE-2013-1523", "CVE-2013-1506", "CVE-2012-3150", "CVE-2012-5611", "CVE-2013-0386", "CVE-2012-1688", "CVE-2012-0574", "CVE-2012-0491", "CVE-2012-3180", "CVE-2012-0553", "CVE-2012-5096", "CVE-2012-3167", "CVE-2012-1689", "CVE-2013-1552", "CVE-2012-0496", "CVE-2013-1555", "CVE-2012-0113", "CVE-2012-3197", "CVE-2012-1705", "CVE-2012-0484", "CVE-2012-3173", "CVE-2013-3808", "CVE-2013-2381", "CVE-2012-1734", "CVE-2012-0494", "CVE-2012-3158", "CVE-2013-0383", "CVE-2012-0115", "CVE-2013-1512", "CVE-2013-0368", "CVE-2013-0389", "CVE-2013-2391", "CVE-2012-5060", "CVE-2012-0101", "CVE-2013-0375", "CVE-2012-0488", "CVE-2013-1570", "CVE-2012-1702", "CVE-2012-0493", "CVE-2013-0367", "CVE-2013-1566", "CVE-2012-0114", "CVE-2013-1511", "CVE-2013-1502", "CVE-2012-0495", "CVE-2012-0540", "CVE-2013-1548", "CVE-2013-1531", "CVE-2013-2375", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0572", "CVE-2012-2749", "CVE-2012-0485", "CVE-2012-5615", "CVE-2012-0578", "CVE-2013-2389", "CVE-2012-0117", "CVE-2013-3804", "CVE-2012-0487", "CVE-2012-5613", "CVE-2012-3177", "CVE-2012-0087", "CVE-2012-0490", "CVE-2013-2378", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122", "CVE-2012-1696", "CVE-2013-3802", "CVE-2012-0120", "CVE-2013-2376", "CVE-2012-5612", "CVE-2013-0384", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "lastseen": "2018-04-09T11:28:37"}], "nessus": [{"id": "MYSQL_5_1_62.NASL", "type": "nessus", "title": "MySQL 5.1 < 5.1.62 Multiple Vulnerabilities", "description": "The version of MySQL 5.1 installed on the remote host is earlier than 5.1.62. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the included yaSSL component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer', 'Server DML', 'Partition' and, in combination with InnoDB, 'HANDLER READ NEXT' that could allow denial of service attacks. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2102)", "published": "2012-04-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=58802", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-0882"], "lastseen": "2018-07-18T14:17:13"}, {"id": "MYSQL_5_5_22.NASL", "type": "nessus", "title": "MySQL 5.5 < 5.5.22 Multiple Vulnerabilities", "description": "The version of MySQL 5.5 installed on the remote host is earlier than 5.5.22. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the included yaSSL component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer', 'Server DML', 'Partition' and, in combination with InnoDB, 'HANDLER READ NEXT' that could allow denial of service attacks. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1697, CVE-2012-1703, CVE-2012-2102)", "published": "2012-04-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=58661", "cvelist": ["CVE-2012-1690", "CVE-2012-1697", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-0882"], "lastseen": "2018-07-18T14:16:55"}, {"id": "OPENSUSE-2012-276.NASL", "type": "nessus", "title": "openSUSE Security Update : mysql-cluster (openSUSE-SU-2012:0617-1)", "description": "MySQL Cluster 7.1.21 fixes several security issues and bugs. Please refer to the following upstream announcement for details :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html", "published": "2014-06-13T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=74626", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1697", "CVE-2012-1688", "CVE-2009-5026", "CVE-2012-1703", "CVE-2012-1696"], "lastseen": "2017-10-29T13:32:53"}, {"id": "DEBIAN_DSA-2496.NASL", "type": "nessus", "title": "Debian DSA-2496-1 : mysql-5.1 - several vulnerabilities", "description": "Due to the non-disclosure of security patch information from Oracle, we are forced to ship an upstream version update of MySQL 5.1. There are several known incompatible changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz.\n\nSeveral issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL release notes.\n\n CVE-2012-2122, an authentication bypass vulnerability, occurs only when MySQL has been built in with certain optimisations enabled. The packages in Debian stable (squeeze) are not known to be affected by this vulnerability. It is addressed in this update nonetheless, so future rebuilds will not become vulnerable to this issue.", "published": "2012-06-29T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=59774", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1689", "CVE-2012-1734", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122"], "lastseen": "2018-07-10T06:15:44"}, {"id": "SL_20121114_MYSQL_ON_SL6_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : mysql on SL6.x i386/x86_64", "description": "This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes for a full list of changes.\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "published": "2012-11-16T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62934", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2017-10-29T13:44:18"}, {"id": "REDHAT-RHSA-2012-1462.NASL", "type": "nessus", "title": "RHEL 6 : mysql (RHSA-2012:1462)", "description": "Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62923", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2017-10-29T13:36:50"}, {"id": "OPENSUSE-2012-274.NASL", "type": "nessus", "title": "openSUSE Security Update : mariadb (openSUSE-2012-274)", "description": "mariadb update to version 5.2.12 fixes several security issues and bugs. Please refer to the following upstream announcements for details :\n\nhttp://kb.askmonty.org/v/mariadb-5212-release-notes http://kb.askmonty.org/v/mariadb-5211-release-notes http://kb.askmonty.org/v/mariadb-5210-release-notes", "published": "2014-06-13T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=74624", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-0075", "CVE-2012-0112", "CVE-2012-1688", "CVE-2012-0113", "CVE-2012-0484", "CVE-2012-0115", "CVE-2012-0101", "CVE-2012-0114", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2012-0087", "CVE-2012-0490", "CVE-2012-1703", "CVE-2012-0120", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102"], "lastseen": "2017-10-29T13:38:44"}, {"id": "ORACLELINUX_ELSA-2012-1462.NASL", "type": "nessus", "title": "Oracle Linux 6 : mysql (ELSA-2012-1462)", "description": "From Red Hat Security Advisory 2012:1462 :\n\nUpdated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "published": "2013-07-12T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68658", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2017-10-29T13:45:14"}, {"id": "CENTOS_RHSA-2012-1462.NASL", "type": "nessus", "title": "CentOS 6 : mysql (CESA-2012:1462)", "description": "Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "published": "2012-11-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62921", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2018-07-03T10:20:35"}, {"id": "OPENSUSE-2012-273.NASL", "type": "nessus", "title": "openSUSE Security Update : mysql-community-server (openSUSE-2012-273)", "description": "mysql update to version 5.5.23 fixes several security issues and bugs.\nPlease refer to the following upstream announcements for details :\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html", "published": "2014-06-13T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=74623", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-0075", "CVE-2012-0489", "CVE-2012-1697", "CVE-2012-0112", "CVE-2012-1688", "CVE-2012-0491", "CVE-2012-0496", "CVE-2012-0113", "CVE-2012-0484", "CVE-2012-0494", "CVE-2012-0115", "CVE-2012-0101", "CVE-2012-0488", "CVE-2012-0493", "CVE-2012-0114", "CVE-2012-0495", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2012-0117", "CVE-2012-0487", "CVE-2012-0087", "CVE-2012-0490", "CVE-2012-1703", "CVE-2012-1696", "CVE-2012-0120", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "lastseen": "2017-10-29T13:44:22"}], "debian": [{"id": "DSA-2496", "type": "debian", "title": "mysql-5.1 -- several vulnerabilities", "description": "Due to the non-disclosure of security patch information from Oracle, we are forced to ship an upstream version update of MySQL 5.1. There are several known incompatible changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz. \n\nSeveral issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the [MySQL release notes](<http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html>). \n\n[CVE-2012-2122](<https://security-tracker.debian.org/tracker/CVE-2012-2122>), an authentication bypass vulnerability, occurs only when MySQL has been built in with certain optimisations enabled. The packages in Debian stable (squeeze) are not known to be affected by this vulnerability. It is addressed in this update nonetheless, so future rebuilds will not become vulnerable to this issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in version 5.1.63-0+squeeze1.\n\nFor the testing distribution (wheezy), these problems have been fixed in version 5.1.62-1 of the mysql-5.1 package and version 5.5.24+dfsg-1 of the mysql-5.5 package.\n\nWe recommend that you upgrade your MySQL packages.", "published": "2012-06-18T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2496", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1689", "CVE-2012-1734", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122"], "lastseen": "2016-09-02T18:19:38"}], "redhat": [{"id": "RHSA-2012:1462", "type": "redhat", "title": "(RHSA-2012:1462) Important: mysql security update", "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n", "published": "2012-11-14T05:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:1462", "cvelist": ["CVE-2012-0540", "CVE-2012-1688", "CVE-2012-1689", "CVE-2012-1690", "CVE-2012-1703", "CVE-2012-1734", "CVE-2012-2749", "CVE-2012-3150", "CVE-2012-3158", "CVE-2012-3160", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3167", "CVE-2012-3173", "CVE-2012-3177", "CVE-2012-3180", "CVE-2012-3197"], "lastseen": "2018-06-12T21:10:51"}], "oraclelinux": [{"id": "ELSA-2012-1462", "type": "oraclelinux", "title": "mysql security update", "description": "[5.1.66-1]\n- Update to 5.1.66, for assorted upstream bugfixes including\n CVEs announced in July and October 2012\nResolves: #871813", "published": "2012-11-14T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-1462.html", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2016-09-04T11:15:59"}], "centos": [{"id": "CESA-2012:1462", "type": "centos", "title": "mysql security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:1462\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-embedded\nmysql-embedded-devel\nmysql-libs\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1462.html", "published": "2012-11-15T03:44:02", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "lastseen": "2017-10-03T18:25:53"}], "gentoo": [{"id": "GLSA-201308-06", "type": "gentoo", "title": "MySQL: Multiple vulnerabilities", "description": "### Background\n\nMySQL is a fast, multi-threaded, multi-user SQL database server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MySQL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/mysql-5.1.70\"", "published": "2013-08-29T00:00:00", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201308-06", "cvelist": ["CVE-2012-5627", "CVE-2012-0583", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2013-2395", "CVE-2012-3160", "CVE-2013-1521", "CVE-2012-0075", "CVE-2012-0489", "CVE-2013-1567", "CVE-2013-1623", "CVE-2013-0385", "CVE-2013-1532", "CVE-2013-2392", "CVE-2013-0371", "CVE-2012-5614", "CVE-2013-1526", "CVE-2012-1697", "CVE-2013-1544", "CVE-2013-1492", "CVE-2012-0112", "CVE-2013-1523", "CVE-2013-1506", "CVE-2012-3150", "CVE-2012-5611", "CVE-2013-0386", "CVE-2012-1688", "CVE-2012-0574", "CVE-2012-0491", "CVE-2012-3180", "CVE-2012-0553", "CVE-2012-5096", "CVE-2012-3167", "CVE-2012-1689", "CVE-2013-1552", "CVE-2012-0496", "CVE-2013-1555", "CVE-2012-0113", "CVE-2012-3197", "CVE-2012-1705", "CVE-2012-0484", "CVE-2012-3173", "CVE-2013-3808", "CVE-2013-2381", "CVE-2012-1734", "CVE-2012-0494", "CVE-2012-3158", "CVE-2013-0383", "CVE-2012-0115", "CVE-2013-1512", "CVE-2013-0368", "CVE-2013-0389", "CVE-2013-2391", "CVE-2012-5060", "CVE-2012-0101", "CVE-2013-0375", "CVE-2012-0488", "CVE-2013-1570", "CVE-2012-1702", "CVE-2012-0493", "CVE-2013-0367", "CVE-2013-1566", "CVE-2012-0114", "CVE-2013-1511", "CVE-2013-1502", "CVE-2012-0495", "CVE-2012-0540", "CVE-2013-1548", "CVE-2013-1531", "CVE-2013-2375", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0572", "CVE-2012-2749", "CVE-2012-0485", "CVE-2012-5615", "CVE-2012-0578", "CVE-2013-2389", "CVE-2012-0117", "CVE-2013-3804", "CVE-2012-0487", "CVE-2012-5613", "CVE-2012-3177", "CVE-2012-0087", "CVE-2012-0490", "CVE-2013-2378", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122", "CVE-2012-1696", "CVE-2013-3802", "CVE-2012-0120", "CVE-2013-2376", "CVE-2012-5612", "CVE-2013-0384", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "lastseen": "2016-09-06T19:46:33"}], "oracle": [{"id": "ORACLE:CPUAPR2012-366314", "type": "oracle", "title": "Oracle Critical Patch Update - April 2012", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 88 new security fixes across the product families listed below.\n\nOracle released a Security Alert on January 31st, 2012 to address the security issue CVE-2011-5035, a denial of service vulnerability in multiple Oracle products due to hashing collisions. Please see [Security Alert (CVE-2011-5035)](<http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html>) for the list of affected products and patch availability information.\n", "published": "2012-07-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2012-0583", "CVE-2012-0516", "CVE-2012-1690", "CVE-2012-0552", "CVE-2012-0576", "CVE-2012-1676", "CVE-2012-0581", "CVE-2012-1709", "CVE-2012-0510", "CVE-2012-0529", "CVE-2012-0577", "CVE-2012-0538", "CVE-2012-0512", "CVE-2012-0566", "CVE-2012-0558", "CVE-2012-0536", "CVE-2011-3563", "CVE-2012-1708", "CVE-2012-0523", "CVE-2012-1697", "CVE-2012-1674", "CVE-2012-0545", "CVE-2012-0208", "CVE-2012-0511", "CVE-2012-0567", "CVE-2012-1688", "CVE-2012-0546", "CVE-2012-0565", "CVE-2012-0548", "CVE-2012-1693", "CVE-2012-0514", "CVE-2011-5035", "CVE-2012-0549", "CVE-2012-0582", "CVE-2012-0520", "CVE-2012-1679", "CVE-2012-0498", "CVE-2012-0579", "CVE-2012-0551", "CVE-2012-0525", "CVE-2012-0522", "CVE-2012-0561", "CVE-2012-0539", "CVE-2012-0556", "CVE-2012-1694", "CVE-2012-0534", "CVE-2012-0580", "CVE-2012-1681", "CVE-2012-0557", "CVE-2012-0519", "CVE-2012-0497", "CVE-2012-1695", "CVE-2012-0537", "CVE-2012-0533", "CVE-2012-0575", "CVE-2012-0560", "CVE-2012-1692", "CVE-2012-0535", "CVE-2012-0526", "CVE-2012-1704", "CVE-2012-0513", "CVE-2012-0532", "CVE-2012-0499", "CVE-2012-1707", "CVE-2012-0501", "CVE-2012-0521", "CVE-2012-1698", "CVE-2012-0543", "CVE-2012-1684", "CVE-2012-1683", "CVE-2012-1691", "CVE-2012-0517", "CVE-2012-0531", "CVE-2012-1710", "CVE-2012-0515", "CVE-2012-0550", "CVE-2012-0509", "CVE-2012-0542", "CVE-2012-0562", "CVE-2012-0554", "CVE-2012-0544", "CVE-2012-0564", "CVE-2012-0530", "CVE-2012-1703", "CVE-2012-1696", "CVE-2012-0571", "CVE-2012-1706", "CVE-2012-0555", "CVE-2012-0559", "CVE-2012-0527", "CVE-2012-0573", "CVE-2012-0528", "CVE-2012-0541", "CVE-2012-0524"], "lastseen": "2018-04-18T20:24:11"}]}}