5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
The version of MySQL 5.1 installed on the remote host is earlier than 5.1.63 and is, therefore, affected by the following vulnerabilities :
Several errors exist related to โGIS Extensionโ and โServer Optimizerโ components that can allow denial of service attacks. (CVE-2012-0540, CVE-2012-1689, CVE-2012-1734)
A security bypass vulnerability exists that occurs due to improper casting during user login sessions. (Bug #64884 / CVE-2012-2122)
An error exists related to key length and sort order index that can lead to application crashes. (Bug #59387 / CVE-2012-2749
Binary data 801134.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1689
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2749
dev.mysql.com/doc/refman/5.5/en/news-5-1-63.html
seclists.org/oss-sec/2012/q2/493