Back to search
CVE-2012-5611
Published: Dec 3, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://kb.askmonty.org/en/mariadb-5528a-release-notes/
x_refsource_CONFIRM
openSUSE-SU-2013:0013
vendor-advisory
x_refsource_SUSE
23075
exploit
x_refsource_EXPLOIT-DB
USN-1703-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2013:102
vendor-advisory
x_refsource_MANDRIVA
openSUSE-SU-2013:0156
vendor-advisory
x_refsource_SUSE
53372
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:0135
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0011
vendor-advisory
x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
x_refsource_CONFIRM
[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
mailing-list
x_refsource_MLIST
https://kb.askmonty.org/en/mariadb-5166-release-notes/
x_refsource_CONFIRM
RHSA-2013:0180
vendor-advisory
x_refsource_REDHAT
20121201 MySQL (Linux) Stack based buffer overrun PoC Zeroday
mailing-list
x_refsource_FULLDISC
GLSA-201308-06
vendor-advisory
x_refsource_GENTOO
[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday
mailing-list
x_refsource_MLIST
RHSA-2012:1551
vendor-advisory
x_refsource_REDHAT
DSA-2581
vendor-advisory
x_refsource_DEBIAN
SUSE-SU-2013:0262
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0014
vendor-advisory
x_refsource_SUSE
51443
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:1412
vendor-advisory
x_refsource_SUSE
https://kb.askmonty.org/en/mariadb-5311-release-notes/
x_refsource_CONFIRM
oval:org.mitre.oval:def:16395
vdb-entry
signature
x_refsource_OVAL
USN-1658-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
https://kb.askmonty.org/en/mariadb-5213-release-notes/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now