Lucene search

K

RedhatCVELIST:CVE-2012-4414

HistoryJan 22, 2013 - 11:00 p.m.

CVE-2012-4414

2013-01-2223:00:00

redhat

www.cve.org

5

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

53.6%

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

References

bugs.mysql.com/bug.php?id=66550

lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html

www.mandriva.com/security/advisories?name=MDVSA-2013:102

www.mandriva.com/security/advisories?name=MDVSA-2013:150

www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/

www.openwall.com/lists/oss-security/2012/09/11/4

www.securityfocus.com/bid/55498

bugzilla.redhat.com/show_bug.cgi?id=852144

mariadb.atlassian.net/browse/MDEV-382

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

53.6%

Related for CVELIST:CVE-2012-4414

prion1 nessus13 cve1 mariadbunix1 ubuntucve1 nvd1 suse4 openvas7 freebsd1 osv1 oracle1