Novell Home

CVE-2012-4414

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-4414 at MITRE

Description

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 779476

SUSE Security Advisories:

© 2014 Novell