CVE-2012-4414
Vulnerability from cvelistv5
Published
2013-01-22 23:00
Modified
2024-08-06 20:35
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T20:35:09.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://mariadb.atlassian.net/browse/MDEV-382" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/" }, { "name": "MDVSA-2013:102", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102" }, { "name": "openSUSE-SU-2013:0156", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html" }, { "name": "openSUSE-SU-2013:0135", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html" }, { "name": "openSUSE-SU-2013:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html" }, { "name": "openSUSE-SU-2013:0014", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html" }, { "name": "[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/09/11/4" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852144" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.mysql.com/bug.php?id=66550" }, { "name": "MDVSA-2013:150", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" }, { "name": "55498", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/55498" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-09-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2013-12-02T13:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://mariadb.atlassian.net/browse/MDEV-382" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/" }, { "name": "MDVSA-2013:102", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102" }, { "name": "openSUSE-SU-2013:0156", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html" }, { "name": "openSUSE-SU-2013:0135", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html" }, { "name": "openSUSE-SU-2013:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html" }, { "name": "openSUSE-SU-2013:0014", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html" }, { "name": "[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/09/11/4" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852144" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.mysql.com/bug.php?id=66550" }, { "name": "MDVSA-2013:150", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" }, { "name": "55498", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/55498" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4414", "datePublished": "2013-01-22T23:00:00", "dateReserved": "2012-08-21T00:00:00", "dateUpdated": "2024-08-06T20:35:09.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2012-4414\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-01-22T23:55:02.650\",\"lastModified\":\"2024-11-21T01:42:50.050\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en el c\u00f3digo de replicaci\u00f3n de Oracle en MySQL v5.5.29 posiblemente antes, y MariaDB v5.1.x hasta v5.1.62, v5.2.x hasta v5.2.12, v5.3.x hasta v5.3.7 y v5.5.x hasta v5.5.25 que permiten a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s de vectores relacionados con el registro binario. NOTA: a partir de 20130116, Oracle no se ha pronunciado sobre las alegaciones de un proveedor de bajo nivel en las que se explica que la correcci\u00f3n de MySQL v5.5.29 es incompleta.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.5.28\",\"matchCriteriaId\":\"BFB1893D-61DC-4FFF-8BC0-68A8D6A28A71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E1D047-8CCC-4C1F-B151-B937CDA06295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"950EB4D1-6328-41C9-8739-46529C043615\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.52:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"36618CD5-C8DE-4356-B53D-EB12A8F3AEC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E1B28CE-BFE1-4331-90F9-E6BA672BDAA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B43FDCD2-6FB0-4606-8357-B0F63368C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DC76BF-857D-4CCE-B772-CA73AB14EABE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7CEB039-C129-4C0C-AA90-89A816F96052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8656BD5D-2A3F-48DA-8FEB-FFDD7DA557A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E504B098-BFC4-418C-AD24-F9A02E59DD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EBB49CB-C15F-4F5B-B4B8-2C1B91A6A841\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED264D57-BD4F-4020-B120-9DC3175D106F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86C2079F-93E8-4EE3-BE75-836807D93AA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF9060C-9469-48DA-858A-BB42E77AF88F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.63:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E268D9E-0C18-4257-8820-634B7357BEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0942892C-2106-4F1F-AEBE-78C1CF55E363\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.65:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE6C87CE-8BA5-4701-B295-7672AF52E6B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.66:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EABA08A-81F1-46ED-BF57-FA63229DDCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.67:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FD6AA9F-7F35-4522-B396-C2179ED9B490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"312DACA6-F414-4EA8-A817-6E1C506AF780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6095FC85-BF0E-423C-9311-0B6387E91F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD0E8107-CAEA-44D7-B82D-2571F7A7E65B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB58C978-1FBE-4BF9-A473-C99FBF943484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5079BA1C-B1A7-4298-BC8A-EBD63AA45186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94F7A061-66FE-4EAD-918B-6C4500A21BE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DED856E3-69A6-4681-B1EF-871810E8F7C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C147F1EE-29ED-4211-9F7E-8D0172BD0045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0812F864-91E0-4B3E-9CB3-33B7514B9330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E105E9-FE65-4B75-9818-D3897294E941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC68032-1200-4506-A678-E7DF474E9C28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19518B17-0C4B-4589-BB41-87DAF0AB4BC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54047553-C08F-474C-8650-89AAAC68056B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41EE02F4-02F7-49A3-AFCA-C20BA2AF65C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97045EB4-F22C-4694-BFB2-C1EA72705206\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DC6246-988E-4259-8BAF-4F104ED12936\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34D221E-E9D9-4A1D-B3BC-CB66456D004B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FF95406-DAA6-4164-95CE-F88F19C8DE24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65EF36A4-EC77-46FA-B9E9-24B8DBC71BE2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86D9BEC1-F4C2-4BE6-A608-D8958A032972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77F04B12-6063-4BAB-A69B-F1F19CC3FFB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A77E458-3AE9-4B02-9A9F-A640DAE073B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF78DF61-E6C3-4E92-A8B9-843698D03D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F2A57F-2CDD-48F8-AC92-1E599875E704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F2BAD43-DDF2-4830-A844-8A6F18EF98CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB1ECEF-8420-41CF-9CFD-AD551BB04C9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4C45914-1CB3-440F-AB7B-564B3A09D9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"581E047E-339B-4CB4-ADA9-AF25BE0345B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C16A0D77-DA95-41D7-9BE2-7B306AF9FF6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4BAE0F1-010D-47D8-B65E-335EF455C951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91DD3FC9-2530-4BAA-929A-6D4E96868B74\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"552E49DC-80FD-4422-9341-44CE0C127027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDEAEFC9-9C50-44F9-8D8C-FAC18F706DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92BD73CE-88F8-4DF0-8293-FBE1FEC8BAB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B438CEA-C321-4B48-8610-9E0CABA7F9B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C584AF-64B0-4DCB-9E36-E60170654D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DD15542-FBFB-4513-BC42-5EE63247313D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98247C01-F906-426A-B5C6-5A3905B83027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7C92F3-D18F-47B8-A6D7-2DD210B0BC77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"323BDFDE-FA24-4169-8BD4-C7978C4FDBBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FA479ED-0B6B-464A-B476-82C5C4E05D20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EFF6DF6-DE51-49EA-B745-4EBC20814E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B00856-5DDC-415A-98AC-62736B9C2DA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC6B5FF9-7A46-46D9-BEA2-2146F958E6BD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0122E5B-7EBF-431A-B144-45F945099FE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59BC8D7B-866E-42E5-9EF9-E8F487AE21C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1982C3-4F1B-4B62-AB75-0FE88EA1BC33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A3AD71-6E48-40CF-BA9D-75B6D8D02B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0CBE6FE-12C8-4E5E-990E-9E4859862A80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACBBA64F-F39C-422A-9FDB-72372B6C4320\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43121525-06CD-4C4A-A4C0-5AC26CDB275F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72855B60-229B-4AB9-9786-1EDDA8F16DAB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99E43D2-D49C-4990-B683-2E26D58DB816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C082352C-DFE1-461A-9803-C180021144A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F49B9C56-71B4-4B1B-ABD8-CFE56A4F0816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA16095-E56A-4523-B738-2C4E86CEF603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"917846BE-1D70-4121-8065-F97F3D710244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7140FE2C-C06C-4005-958C-B00D3CEC6333\"}]}]}],\"references\":[{\"url\":\"http://bugs.mysql.com/bug.php?id=66550\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:102\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/09/11/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/55498\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=852144\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://mariadb.atlassian.net/browse/MDEV-382\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.mysql.com/bug.php?id=66550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/09/11/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/55498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=852144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://mariadb.atlassian.net/browse/MDEV-382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.