Ubuntu.comUB:CVE-2012-0553CVE-2012-0553
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.0%
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x
before 5.5.28, has unspecified impact and attack vectors, a different
vulnerability than CVE-2013-1492.
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 11.10 | noarch | mysql-5.1 | < 5.1.69-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | mysql-5.5 | < 5.5.29-0ubuntu0.12.04.2 | UNKNOWN |
| ubuntu | 12.10 | noarch | mysql-5.5 | < 5.5.29-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | mysql-5.5 | < 5.5.29-0ubuntu1 | UNKNOWN |
| ubuntu | 10.04 | noarch | mysql-dfsg-5.1 | < 5.1.69-0ubuntu0.10.04.1 | UNKNOWN |
References
dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html
secunia.com/advisories/52445
blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
launchpad.net/bugs/cve/CVE-2012-0553
nvd.nist.gov/vuln/detail/CVE-2012-0553
security-tracker.debian.org/tracker/CVE-2012-0553
ubuntu.com/security/notices/USN-1807-1
www.cve.org/CVERecord?id=CVE-2012-0553
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.0%