Stack-Based Buffer Overflow in MySQL and MariaDB Affecting Multiple Versions
CVE-2012-5611

Currently unrated

Key Information:

Vendor

Mariadb

Status
Mariadb
Mysql
Vendor
CVE Published:
3 December 2012

What is CVE-2012-5611?

A stack-based buffer overflow vulnerability exists in the acl_get function of MySQL and MariaDB, allowing remote authenticated users to execute arbitrary code. The issue arises when excessively long arguments are passed to the GRANT FILE command, which can lead to potential exploitation and unauthorized access to system resources.

References

https://kb.askmonty.org/en/mariadb-5528a-release-notes/
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2013...
vendor-advisoryx_refsource_SUSE
http://www.exploit-db.com/exploits/23075
exploitx_refsource_EXPLOIT-DB

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.