Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5612

Опубликовано: 03 дек. 2012
Источник: nvd
CVSS2: 6.5
EPSS Средний

Описание

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.1.0 (включая) до 5.1.67 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.2.0 (включая) до 5.2.14 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.3.0 (включая) до 5.3.12 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.29 (исключая)
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.28 (включая)
Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.69337
Средний

6.5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2012-5612

ubuntu
больше 12 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

redhat логотип

CVE-2012-5612

redhat
больше 12 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

debian логотип

CVE-2012-5612

debian
больше 12 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions t ...

github логотип

GHSA-j274-98hw-37wv

github
около 3 лет назад

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

suse-cvrf логотип

SUSE-SU-2015:1177-2

suse-cvrf
больше 12 лет назад

Security update for MySQL

EPSS

Процентиль: 99%
0.69337
Средний

6.5 Medium

CVSS2

Дефекты

CWE-787