Main Vulnerability Database Vulnerabilities #VU43398

Input validation error in mysql - CVE-2012-3149

Published: October 17, 2012 / Updated: August 11, 2020

Vulnerability identifier: #VU43398

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2012-3149

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
mysql

Detailed vulnerability description

The vulnerability allows a remote #AU# to gain access to sensitive information.

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.

How to mitigate CVE-2012-3149

Install update from vendor's website.

Sources

http://secunia.com/advisories/51177
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
http://www.ubuntu.com/usn/USN-1621-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/79390

Input validation error in mysql - CVE-2012-3149

Detailed vulnerability description

How to mitigate CVE-2012-3149

Sources

Please verify you're human