CVE-2012-5611
Publication date 3 December 2012
Last updated 24 July 2024
Ubuntu priority
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Status
Package | Ubuntu Release | Status |
---|---|---|
mysql-5.1 | 12.10 quantal | Not in release |
12.04 LTS precise | Not in release | |
11.10 oneiric |
Fixed 5.1.66-0ubuntu0.11.10.3
|
|
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
mysql-5.5 | 12.10 quantal |
Fixed 5.5.28-0ubuntu0.12.10.2
|
12.04 LTS precise |
Fixed 5.5.28-0ubuntu0.12.04.3
|
|
11.10 oneiric | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
mysql-dfsg-5.1 | 12.10 quantal | Not in release |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid |
Fixed 5.1.66-0ubuntu0.10.04.3
|
|
8.04 LTS hardy | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-1658-1
- MySQL vulnerability
- 10 December 2012
- USN-1703-1
- MySQL vulnerabilities
- 22 January 2013