CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
99.3%
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19
and other versions through 5.5.28, and 5.1.53 and other versions through
5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x
before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to
execute arbitrary code via a long argument to the GRANT FILE command.
seclists.org/fulldisclosure/2012/Dec/4
www.exploit-db.com/exploits/23075
www.openwall.com/lists/oss-security/2012/12/02/3
www.openwall.com/lists/oss-security/2012/12/02/4
launchpad.net/bugs/cve/CVE-2012-5611
nvd.nist.gov/vuln/detail/CVE-2012-5611
security-tracker.debian.org/tracker/CVE-2012-5611
ubuntu.com/security/notices/USN-1658-1
www.cve.org/CVERecord?id=CVE-2012-5611