CVE-2012-1688

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
http://secunia.com/advisories/48890	Not Applicable
http://secunia.com/advisories/49179	Not Applicable
http://secunia.com/advisories/51309	Not Applicable
http://secunia.com/advisories/53372	Not Applicable
http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Vendor Advisory
http://www.securityfocus.com/bid/53067	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1026934	Broken Link Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
http://secunia.com/advisories/48890	Not Applicable
http://secunia.com/advisories/49179	Not Applicable
http://secunia.com/advisories/51309	Not Applicable
http://secunia.com/advisories/53372	Not Applicable
http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Vendor Advisory
http://www.securityfocus.com/bid/53067	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1026934	Broken Link Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 3 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

History

21 Nov 2024, 01:37

Type	Values Removed	Values Added
References	~~() http://rhn.redhat.com/errata/RHSA-2012-1462.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2012-1462.html - Third Party Advisory
References	~~() http://secunia.com/advisories/48890 - Not Applicable~~	() http://secunia.com/advisories/48890 - Not Applicable
References	~~() http://secunia.com/advisories/49179 - Not Applicable~~	() http://secunia.com/advisories/49179 - Not Applicable
References	~~() http://secunia.com/advisories/51309 - Not Applicable~~	() http://secunia.com/advisories/51309 - Not Applicable
References	~~() http://secunia.com/advisories/53372 - Not Applicable~~	() http://secunia.com/advisories/53372 - Not Applicable
References	~~() http://security.gentoo.org/glsa/glsa-201308-06.xml - Third Party Advisory~~	() http://security.gentoo.org/glsa/glsa-201308-06.xml - Third Party Advisory
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link
References	~~() http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html - Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/53067 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/53067 - Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id?1026934 - Broken Link, Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id?1026934 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2012-05-03 22:55

Updated : 2025-04-11 00:51

NVD link : CVE-2012-1688

Mitre link : CVE-2012-1688

CVE.ORG link : CVE-2012-1688

JSON object : View

Products Affected

redhat

enterprise_linux_eus
enterprise_linux_workstation
enterprise_linux_desktop
enterprise_linux_server

oracle

mysql

mariadb

mariadb

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-1688", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-05-03T22:55:02.387", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/48890", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/49179", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51309", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/53372", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/53067", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1026934", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/48890", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/49179", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51309", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/53372", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/53067", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1026934", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.61 y anteriores, y v5.5.21 y anteriores, que permite a usuarios remotos autenticados afectar la disponibilidad, relacionado con Server DML."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFB5297F-00E3-4FD7-BE85-D9AD483284D6", "versionEndIncluding": "5.1.61", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADFF26FD-261F-423A-B2B8-FAB6F9BEADCD", "versionEndIncluding": "5.5.21", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "900159A3-EA20-4042-A0E2-2E1D48791759", "versionEndExcluding": "5.1.62", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E218187-5A47-4AFE-AF7F-FCE5A22E380F", "versionEndExcluding": "5.5.22", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}

4.0 /10