Main Vulnerability Database Exploits ID:4454 - Exploit for Input validation error in MariaDB and mysql - CVE-2012-5614

ID:4454 - Exploit for Input validation error in MariaDB and mysql - CVE-2012-5614

Published: August 11, 2020

Vulnerability identifier: #VU43279

Vulnerability risk: Low

CVE-ID: CVE-2012-5614

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
MariaDB
mysql

Link to public exploit:

https://www.exploit-db.com/exploits/23078/

Vulnerability description

The vulnerability allows a remote #AU# to perform service disruption.

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.

Remediation

Install update from vendor's website.

ID:4454 - Exploit for Input validation error in MariaDB and mysql - CVE-2012-5614

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human