4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.8%
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a
and possibly other versions, allows remote authenticated users to cause a
denial of service (mysqld crash) via a SELECT command with an UpdateXML
command containing XML with a large number of unique, nested elements.
Author | Note |
---|---|
mdeslaur | as of 2013-02-20, no new version from upstream |
jdstrand | per mariadb developers, this CVE is not correct (see http://www.openwall.com/lists/oss-security/2013/02/28/10). Essentially, the UpdateXML part was introduced in 5.6.6 and fixed in 5.6.10. Ubuntu does not ship MySQL 5.6. This CVE was also linked to an invalid packet vulnerability (https://mariadb.atlassian.net/browse/MDEV-3910), but this only existed in 5.5.18 and was fixed in 5.5.21. Since there is no 5.6 in Ubuntu and the invalid packet issue was introduced in 5.5.18, marking this as fixed in mysql-5.5 5.5.21 and mysql-dfsg-5.1 and mysql-5.1 as not-affected. |
seclists.org/fulldisclosure/2012/Dec/7
www.openwall.com/lists/oss-security/2012/12/02/3
www.openwall.com/lists/oss-security/2012/12/02/4
www.openwall.com/lists/oss-security/2013/02/28/10
launchpad.net/bugs/cve/CVE-2012-5614
mariadb.atlassian.net/browse/MDEV-3910
nvd.nist.gov/vuln/detail/CVE-2012-5614
security-tracker.debian.org/tracker/CVE-2012-5614
www.cve.org/CVERecord?id=CVE-2012-5614