CVE-2012-5611
Description
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
66.648
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update MariaDB to 10.0.1 | Windows |
| Update MariaDB to 5.1.66 | Windows |
| Update MariaDB to 5.1.67 | Windows |
| Update MariaDB to 5.2.13 | Windows |
| Update MariaDB to 5.2.14 | Windows |
| Update MariaDB to 5.3.11 | Windows |
| Update MariaDB to 5.3.12 | Windows |
| Update MariaDB to 5.5.28 | Windows |
| Update MariaDB to 5.5.29 | Windows |
| Vulnerabilities CVE-2012-3163,CVE-2012-5611,CVE-2012-5612 are affected in Mysql 9.0 | Windows |
| (RHSA-2013:0180) Important: mysql security update mysql-5.0.95-5.el5_9.i386.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-5.0.95-5.el5_9.x86_64.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-bench-5.0.95-5.el5_9.i386.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-bench-5.0.95-5.el5_9.x86_64.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-devel-5.0.95-5.el5_9.i386.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-devel-5.0.95-5.el5_9.x86_64.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-server-5.0.95-5.el5_9.i386.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-server-5.0.95-5.el5_9.x86_64.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-test-5.0.95-5.el5_9.i386.rpm | Linux |
| (RHSA-2013:0180) Important: mysql security update mysql-test-5.0.95-5.el5_9.x86_64.rpm | Linux |
| Update MariaDB to 10.0.1 (For Linux) | Linux |
| Update MariaDB to 5.1.66 (For Linux) | Linux |
| Update MariaDB to 5.1.67 (For Linux) | Linux |
| Update MariaDB to 5.2.13 (For Linux) | Linux |
| Update MariaDB to 5.2.14 (For Linux) | Linux |
| Update MariaDB to 5.3.11 (For Linux) | Linux |
| Update MariaDB to 5.3.12 (For Linux) | Linux |
| Update MariaDB to 5.5.28 (For Linux) | Linux |
| Update MariaDB to 5.5.29 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234