New Search

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server Parser) (CVE-2012-5612)

oval:org.cisecurity:def:8262

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28 and MariaDB 5.5.28a and possibly other versions allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code as demonstrated using certain variations of the (1) USE (2) SHOW TABLES (3) DESCRIBE (4) SHOW FIELDS FROM (5) SHOW COLUMNS FROM (6) SHOW INDEX FROM (7) CREATE TABLE (8) DROP TABLE (9) ALTER TABLE (10) DELETE FROM (11) UPDATE and (12) SET PASSWORD commands.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 8
  • Microsoft Windows 10
  • Microsoft Windows Vista
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2016
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows XP
  • Microsoft Windows Server 2012
Class:
vulnerability
Reference(s):
  • CVE-2012-5612
Product(s):
  • MySQL Server 5.5
  • MariaDB