Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5612

Опубликовано: 03 дек. 2012
Источник: nvd
CVSS2: 6.5
EPSS Средний

Описание

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.1.0 (включая) до 5.1.67 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.2.0 (включая) до 5.2.14 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.3.0 (включая) до 5.3.12 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.29 (исключая)
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.28 (включая)
Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.61212
Средний

6.5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2012-5612

ubuntu
почти 13 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

redhat логотип

CVE-2012-5612

redhat
почти 13 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

debian логотип

CVE-2012-5612

debian
почти 13 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions t ...

github логотип

GHSA-j274-98hw-37wv

github
больше 3 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

suse-cvrf логотип

SUSE-SU-2015:1177-2

suse-cvrf
почти 13 лет назад

Security update for MySQL

EPSS

Процентиль: 98%
0.61212
Средний

6.5 Medium

CVSS2

Дефекты

CWE-787