ID CVE-2012-5612
Summary Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
References
Vulnerable Configurations
  • cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
    cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
    cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
CVSS
Base: 6.5 (as of 20-07-2022 - 16:24)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
oval via4
accepted 2015-06-01T04:00:12.594-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
comment MySQL 5.5 is installed
oval oval:org.mitre.oval:def:8419
description Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
family windows
id oval:org.mitre.oval:def:16960
status accepted
submitted 2013-04-29T10:26:26.748+04:00
title Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server Parser). Supported versions that are affected are 5.5.28 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution
version 20
refmap via4
confirm
exploit-db 23076
fulldisc 20121201 MySQL (Linux) Heap Based Overrun PoC Zeroday
gentoo GLSA-201308-06
mandriva
  • MDVSA-2013:102
  • MDVSA-2013:150
mlist [oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
secunia 53372
suse SUSE-SU-2013:0262
ubuntu USN-1703-1
Last major update 20-07-2022 - 16:24
Published 03-12-2012 - 12:49
Last modified 20-07-2022 - 16:24
Back to Top