Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-5611
HistoryDec 03, 2012 - 12:00 a.m.

CVE-2012-5611

2012-12-0300:00:00
ubuntu.com
ubuntu.com
13

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.949

Percentile

99.3%

Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19
and other versions through 5.5.28, and 5.1.53 and other versions through
5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x
before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to
execute arbitrary code via a long argument to the GRANT FILE command.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchmysql-5.1< 5.1.66-0ubuntu0.11.10.3UNKNOWN
ubuntu12.04noarchmysql-5.5< 5.5.28-0ubuntu0.12.04.3UNKNOWN
ubuntu12.10noarchmysql-5.5< 5.5.28-0ubuntu0.12.10.2UNKNOWN
ubuntu10.04noarchmysql-dfsg-5.1< 5.1.66-0ubuntu0.10.04.3UNKNOWN

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.949

Percentile

99.3%