Lucene search

K

RedhatCVELIST:CVE-2012-5612

HistoryDec 03, 2012 - 11:00 a.m.

CVE-2012-5612

2012-12-0311:00:00

redhat

www.cve.org

1

5.8 Medium

AI Score

Confidence

High

0.961 High

EPSS

Percentile

99.5%

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

References

lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html

seclists.org/fulldisclosure/2012/Dec/5

secunia.com/advisories/53372

security.gentoo.org/glsa/glsa-201308-06.xml

www.exploit-db.com/exploits/23076

www.mandriva.com/security/advisories?name=MDVSA-2013:102

www.mandriva.com/security/advisories?name=MDVSA-2013:150

www.openwall.com/lists/oss-security/2012/12/02/3

www.openwall.com/lists/oss-security/2012/12/02/4

www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

www.ubuntu.com/usn/USN-1703-1

mariadb.atlassian.net/browse/MDEV-3908

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16960

5.8 Medium

AI Score

Confidence

High

0.961 High

EPSS

Percentile

99.5%

Related for CVELIST:CVE-2012-5612

checkpoint_advisories2 mariadbunix1 cve1 packetstorm1 nvd1 prion1 ubuntucve1 altlinux1 suse1 openvas6 nessus12 threatpost2 freebsd1 thn1 securityvulns2 ubuntu1 oracle1 gentoo1