CVE-2012-4414
Published Jan 22, 2013
Last updated a year ago
Overview
- Description
- Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFB1893D-61DC-4FFF-8BC0-68A8D6A28A71",
"versionEndIncluding": "5.5.28"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78E1D047-8CCC-4C1F-B151-B937CDA06295"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "950EB4D1-6328-41C9-8739-46529C043615"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.52:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36618CD5-C8DE-4356-B53D-EB12A8F3AEC2"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E1B28CE-BFE1-4331-90F9-E6BA672BDAA9"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B43FDCD2-6FB0-4606-8357-B0F63368C6CB"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49DC76BF-857D-4CCE-B772-CA73AB14EABE"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.56:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7CEB039-C129-4C0C-AA90-89A816F96052"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8656BD5D-2A3F-48DA-8FEB-FFDD7DA557A0"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.58:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E504B098-BFC4-418C-AD24-F9A02E59DD3E"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.59:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EBB49CB-C15F-4F5B-B4B8-2C1B91A6A841"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED264D57-BD4F-4020-B120-9DC3175D106F"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86C2079F-93E8-4EE3-BE75-836807D93AA2"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AF9060C-9469-48DA-858A-BB42E77AF88F"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.63:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E268D9E-0C18-4257-8820-634B7357BEE0"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0942892C-2106-4F1F-AEBE-78C1CF55E363"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.65:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE6C87CE-8BA5-4701-B295-7672AF52E6B5"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.66:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EABA08A-81F1-46ED-BF57-FA63229DDCE4"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.1.67:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FD6AA9F-7F35-4522-B396-C2179ED9B490"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "312DACA6-F414-4EA8-A817-6E1C506AF780"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6095FC85-BF0E-423C-9311-0B6387E91F4B"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD0E8107-CAEA-44D7-B82D-2571F7A7E65B"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB58C978-1FBE-4BF9-A473-C99FBF943484"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5079BA1C-B1A7-4298-BC8A-EBD63AA45186"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94F7A061-66FE-4EAD-918B-6C4500A21BE4"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DED856E3-69A6-4681-B1EF-871810E8F7C8"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C147F1EE-29ED-4211-9F7E-8D0172BD0045"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0812F864-91E0-4B3E-9CB3-33B7514B9330"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77E105E9-FE65-4B75-9818-D3897294E941"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCC68032-1200-4506-A678-E7DF474E9C28"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19518B17-0C4B-4589-BB41-87DAF0AB4BC6"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54047553-C08F-474C-8650-89AAAC68056B"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41EE02F4-02F7-49A3-AFCA-C20BA2AF65C2"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97045EB4-F22C-4694-BFB2-C1EA72705206"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88DC6246-988E-4259-8BAF-4F104ED12936"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C34D221E-E9D9-4A1D-B3BC-CB66456D004B"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FF95406-DAA6-4164-95CE-F88F19C8DE24"
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65EF36A4-EC77-46FA-B9E9-24B8DBC71BE2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86D9BEC1-F4C2-4BE6-A608-D8958A032972"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77F04B12-6063-4BAB-A69B-F1F19CC3FFB8"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A77E458-3AE9-4B02-9A9F-A640DAE073B3"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF78DF61-E6C3-4E92-A8B9-843698D03D18"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56F2A57F-2CDD-48F8-AC92-1E599875E704"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F2BAD43-DDF2-4830-A844-8A6F18EF98CC"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCB1ECEF-8420-41CF-9CFD-AD551BB04C9F"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4C45914-1CB3-440F-AB7B-564B3A09D9BB"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "581E047E-339B-4CB4-ADA9-AF25BE0345B8"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C16A0D77-DA95-41D7-9BE2-7B306AF9FF6B"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4BAE0F1-010D-47D8-B65E-335EF455C951"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91DD3FC9-2530-4BAA-929A-6D4E96868B74"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "552E49DC-80FD-4422-9341-44CE0C127027"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CDEAEFC9-9C50-44F9-8D8C-FAC18F706DAD"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92BD73CE-88F8-4DF0-8293-FBE1FEC8BAB2"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B438CEA-C321-4B48-8610-9E0CABA7F9B0"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56C584AF-64B0-4DCB-9E36-E60170654D03"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DD15542-FBFB-4513-BC42-5EE63247313D"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98247C01-F906-426A-B5C6-5A3905B83027"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F7C92F3-D18F-47B8-A6D7-2DD210B0BC77"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "323BDFDE-FA24-4169-8BD4-C7978C4FDBBA"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FA479ED-0B6B-464A-B476-82C5C4E05D20"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EFF6DF6-DE51-49EA-B745-4EBC20814E6A"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8B00856-5DDC-415A-98AC-62736B9C2DA9"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC6B5FF9-7A46-46D9-BEA2-2146F958E6BD"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0122E5B-7EBF-431A-B144-45F945099FE6"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59BC8D7B-866E-42E5-9EF9-E8F487AE21C6"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1982C3-4F1B-4B62-AB75-0FE88EA1BC33"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49A3AD71-6E48-40CF-BA9D-75B6D8D02B9A"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0CBE6FE-12C8-4E5E-990E-9E4859862A80"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACBBA64F-F39C-422A-9FDB-72372B6C4320"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43121525-06CD-4C4A-A4C0-5AC26CDB275F"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72855B60-229B-4AB9-9786-1EDDA8F16DAB"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F99E43D2-D49C-4990-B683-2E26D58DB816"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C082352C-DFE1-461A-9803-C180021144A6"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F49B9C56-71B4-4B1B-ABD8-CFE56A4F0816"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCA16095-E56A-4523-B738-2C4E86CEF603"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "917846BE-1D70-4121-8065-F97F3D710244"
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7140FE2C-C06C-4005-958C-B00D3CEC6333"
}
],
"operator": "OR"
}
]
}
]