#VU43240 Buffer overflow in mysql - CVE-2012-0882

Cybersecurity Help s.r.o.

Published: 2012-12-21 | Updated: 2020-08-11

Vulnerability identifier: #VU43240

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-0882

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
mysql

Vendor: Google

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.

Mitigation
Install update from vendor's website.

Vulnerable software versions

mysql: 5.1 - 5.5.21

External links
https://www.openwall.com/lists/oss-security/2012/02/24/2
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=789141
https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html
https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Google, mysql