CVE-2012-5614

2012-12-0300:00:00

ubuntu.com

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.029 Low

EPSS

Percentile

90.8%

JSON

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a
and possibly other versions, allows remote authenticated users to cause a
denial of service (mysqld crash) via a SELECT command with an UpdateXML
command containing XML with a large number of unique, nested elements.

Bugs

Notes

Author	Note
mdeslaur	as of 2013-02-20, no new version from upstream
jdstrand	per mariadb developers, this CVE is not correct (see http://www.openwall.com/lists/oss-security/2013/02/28/10). Essentially, the UpdateXML part was introduced in 5.6.6 and fixed in 5.6.10. Ubuntu does not ship MySQL 5.6. This CVE was also linked to an invalid packet vulnerability (https://mariadb.atlassian.net/browse/MDEV-3910), but this only existed in 5.5.18 and was fixed in 5.5.21. Since there is no 5.6 in Ubuntu and the invalid packet issue was introduced in 5.5.18, marking this as fixed in mysql-5.5 5.5.21 and mysql-dfsg-5.1 and mysql-5.1 as not-affected.

Author

Note

mdeslaur

as of 2013-02-20, no new version from upstream

jdstrand

per mariadb developers, this CVE is not correct (see http://www.openwall.com/lists/oss-security/2013/02/28/10). Essentially, the UpdateXML part was introduced in 5.6.6 and fixed in 5.6.10. Ubuntu does not ship MySQL 5.6. This CVE was also linked to an invalid packet vulnerability (https://mariadb.atlassian.net/browse/MDEV-3910), but this only existed in 5.5.18 and was fixed in 5.5.21. Since there is no 5.6 in Ubuntu and the invalid packet issue was introduced in 5.5.18, marking this as fixed in mysql-5.5 5.5.21 and mysql-dfsg-5.1 and mysql-5.1 as not-affected.