CVE-2012-5611

Published Dec 3, 2012
Last updated 3 months ago
CVSS info 6.5
Overview

Description: Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-119
Hype score: Not currently trending
Evaluator

Comment: per http://www.openwall.com/lists/oss-security/2012/12/02/3, this vulnerability is only on linux-based software installations
Impact: -
Solution: -
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86D9BEC1-F4C2-4BE6-A608-D8958A032972"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77F04B12-6063-4BAB-A69B-F1F19CC3FFB8"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A77E458-3AE9-4B02-9A9F-A640DAE073B3"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF78DF61-E6C3-4E92-A8B9-843698D03D18"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56F2A57F-2CDD-48F8-AC92-1E599875E704"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F2BAD43-DDF2-4830-A844-8A6F18EF98CC"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCB1ECEF-8420-41CF-9CFD-AD551BB04C9F"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4C45914-1CB3-440F-AB7B-564B3A09D9BB"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "581E047E-339B-4CB4-ADA9-AF25BE0345B8"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C16A0D77-DA95-41D7-9BE2-7B306AF9FF6B"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4BAE0F1-010D-47D8-B65E-335EF455C951"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91DD3FC9-2530-4BAA-929A-6D4E96868B74"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "552E49DC-80FD-4422-9341-44CE0C127027"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDEAEFC9-9C50-44F9-8D8C-FAC18F706DAD"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92BD73CE-88F8-4DF0-8293-FBE1FEC8BAB2"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B438CEA-C321-4B48-8610-9E0CABA7F9B0"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56C584AF-64B0-4DCB-9E36-E60170654D03"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DD15542-FBFB-4513-BC42-5EE63247313D"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98247C01-F906-426A-B5C6-5A3905B83027"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F7C92F3-D18F-47B8-A6D7-2DD210B0BC77"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "323BDFDE-FA24-4169-8BD4-C7978C4FDBBA"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FA479ED-0B6B-464A-B476-82C5C4E05D20"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EFF6DF6-DE51-49EA-B745-4EBC20814E6A"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8B00856-5DDC-415A-98AC-62736B9C2DA9"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC6B5FF9-7A46-46D9-BEA2-2146F958E6BD"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0122E5B-7EBF-431A-B144-45F945099FE6"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59BC8D7B-866E-42E5-9EF9-E8F487AE21C6"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A1982C3-4F1B-4B62-AB75-0FE88EA1BC33"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A3AD71-6E48-40CF-BA9D-75B6D8D02B9A"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0CBE6FE-12C8-4E5E-990E-9E4859862A80"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACBBA64F-F39C-422A-9FDB-72372B6C4320"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43121525-06CD-4C4A-A4C0-5AC26CDB275F"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72855B60-229B-4AB9-9786-1EDDA8F16DAB"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64040784-F6ED-4FC2-8D43-6DAB38770BEF"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A242B531-0936-4F67-8F07-245FE929F034"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ABB8B61-273F-441A-98B3-56EF456EDF6F"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F99E43D2-D49C-4990-B683-2E26D58DB816"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C082352C-DFE1-461A-9803-C180021144A6"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49B9C56-71B4-4B1B-ABD8-CFE56A4F0816"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCA16095-E56A-4523-B738-2C4E86CEF603"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "917846BE-1D70-4121-8065-F97F3D710244"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7140FE2C-C06C-4005-958C-B00D3CEC6333"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D4C9720-8FC9-4EF3-81C9-D84D6E6EA949"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "813E44E5-8B9B-4FCA-86A2-4AA4135F9EDF"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E1B28CE-BFE1-4331-90F9-E6BA672BDAA9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77E105E9-FE65-4B75-9818-D3897294E941"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References
