CVE-2012-5612

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

References

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html

http://seclists.org/fulldisclosure/2012/Dec/5

http://secunia.com/advisories/53372

http://security.gentoo.org/glsa/glsa-201308-06.xml

http://www.exploit-db.com/exploits/23076

http://www.mandriva.com/security/advisories?name=MDVSA-2013:102

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.openwall.com/lists/oss-security/2012/12/02/3

http://www.openwall.com/lists/oss-security/2012/12/02/4

http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

http://www.ubuntu.com/usn/USN-1703-1

https://mariadb.atlassian.net/browse/MDEV-3908

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16960

Details

Source: MITRE

Published: 2012-12-03

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.5

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*

OR

cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*

Tenable Plugins

View all (13 total)

IDNameProductFamilySeverity
69508GLSA-201308-06 : MySQL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
66114Mandriva Linux Security Advisory : mariadb (MDVSA-2013:102)NessusMandriva Local Security Checks
high
64935MariaDB 5.5 < 5.5.29 Multiple VulnerabilitiesNessusDatabases
medium
64934MariaDB 5.3 < 5.3.12 Multiple VulnerabilitiesNessusDatabases
medium
64933MariaDB 5.2 < 5.2.14 Multiple VulnerabilitiesNessusDatabases
medium
64932MariaDB 5.1 < 5.1.67 Multiple VulnerabilitiesNessusDatabases
medium
64531SuSE 11.2 Security Update : MySQL (SAT Patch Number 7251)NessusSuSE Local Security Checks
medium
64505Mandriva Linux Security Advisory : mysql (MDVSA-2013:007)NessusMandriva Local Security Checks
medium
64421FreeBSD : mysql/mariadb/percona server -- multiple vulnerabilities (8c773d7f-6cbb-11e2-b242-c8600054b392)NessusFreeBSD Local Security Checks
medium
801126MySQL Server 5.5.x < 5.5.29 Multiple VulnerabilitiesLog Correlation EngineDatabase
high
6674Oracle MySQL Server 5.5.x < 5.5.29 Multiple VulnerabilitiesNessus Network MonitorDatabase
high
63668Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1703-1)NessusUbuntu Local Security Checks
medium
63618MySQL 5.5 < 5.5.29 Multiple VulnerabilitiesNessusDatabases
medium