cvelist/2012/5xxx/CVE-2012-5611.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2012-5611",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "23075",
            "refsource" : "EXPLOIT-DB",
            "url" : "http://www.exploit-db.com/exploits/23075"
         },
         {
            "name" : "20121201 MySQL (Linux) Stack based buffer overrun PoC Zeroday",
            "refsource" : "FULLDISC",
            "url" : "http://seclists.org/fulldisclosure/2012/Dec/4"
         },
         {
            "name" : "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based  buffer overrun PoC Zeroday",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2012/12/02/3"
         },
         {
            "name" : "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based  buffer overrun PoC Zeroday",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2012/12/02/4"
         },
         {
            "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
            "refsource" : "CONFIRM",
            "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
         },
         {
            "name" : "https://kb.askmonty.org/en/mariadb-5166-release-notes/",
            "refsource" : "CONFIRM",
            "url" : "https://kb.askmonty.org/en/mariadb-5166-release-notes/"
         },
         {
            "name" : "https://kb.askmonty.org/en/mariadb-5213-release-notes/",
            "refsource" : "CONFIRM",
            "url" : "https://kb.askmonty.org/en/mariadb-5213-release-notes/"
         },
         {
            "name" : "https://kb.askmonty.org/en/mariadb-5311-release-notes/",
            "refsource" : "CONFIRM",
            "url" : "https://kb.askmonty.org/en/mariadb-5311-release-notes/"
         },
         {
            "name" : "https://kb.askmonty.org/en/mariadb-5528a-release-notes/",
            "refsource" : "CONFIRM",
            "url" : "https://kb.askmonty.org/en/mariadb-5528a-release-notes/"
         },
         {
            "name" : "DSA-2581",
            "refsource" : "DEBIAN",
            "url" : "http://www.debian.org/security/2012/dsa-2581"
         },
         {
            "name" : "GLSA-201308-06",
            "refsource" : "GENTOO",
            "url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml"
         },
         {
            "name" : "MDVSA-2013:150",
            "refsource" : "MANDRIVA",
            "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
         },
         {
            "name" : "MDVSA-2013:102",
            "refsource" : "MANDRIVA",
            "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
         },
         {
            "name" : "RHSA-2012:1551",
            "refsource" : "REDHAT",
            "url" : "http://rhn.redhat.com/errata/RHSA-2012-1551.html"
         },
         {
            "name" : "RHSA-2013:0180",
            "refsource" : "REDHAT",
            "url" : "http://rhn.redhat.com/errata/RHSA-2013-0180.html"
         },
         {
            "name" : "openSUSE-SU-2013:0013",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html"
         },
         {
            "name" : "openSUSE-SU-2013:0011",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html"
         },
         {
            "name" : "openSUSE-SU-2013:0014",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html"
         },
         {
            "name" : "openSUSE-SU-2013:0135",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html"
         },
         {
            "name" : "openSUSE-SU-2013:0156",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html"
         },
         {
            "name" : "SUSE-SU-2013:0262",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html"
         },
         {
            "name" : "openSUSE-SU-2013:1412",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00010.html"
         },
         {
            "name" : "USN-1658-1",
            "refsource" : "UBUNTU",
            "url" : "http://www.ubuntu.com/usn/USN-1658-1"
         },
         {
            "name" : "USN-1703-1",
            "refsource" : "UBUNTU",
            "url" : "http://www.ubuntu.com/usn/USN-1703-1"
         },
         {
            "name" : "oval:org.mitre.oval:def:16395",
            "refsource" : "OVAL",
            "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395"
         },
         {
            "name" : "51443",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/51443"
         },
         {
            "name" : "53372",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/53372"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2012-5611",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "23075",`
			`"refsource" : "EXPLOIT-DB",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.exploit-db.com/exploits/23075"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20121201 MySQL (Linux) Stack based buffer overrun PoC Zeroday",`
			`"refsource" : "FULLDISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://seclists.org/fulldisclosure/2012/Dec/4"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2012/12/02/3"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2012/12/02/4"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://kb.askmonty.org/en/mariadb-5166-release-notes/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://kb.askmonty.org/en/mariadb-5166-release-notes/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://kb.askmonty.org/en/mariadb-5213-release-notes/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://kb.askmonty.org/en/mariadb-5213-release-notes/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://kb.askmonty.org/en/mariadb-5311-release-notes/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://kb.askmonty.org/en/mariadb-5311-release-notes/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://kb.askmonty.org/en/mariadb-5528a-release-notes/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://kb.askmonty.org/en/mariadb-5528a-release-notes/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "DSA-2581",`
			`"refsource" : "DEBIAN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.debian.org/security/2012/dsa-2581"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "GLSA-201308-06",`
			`"refsource" : "GENTOO",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "MDVSA-2013:150",`
			`"refsource" : "MANDRIVA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "MDVSA-2013:102",`
			`"refsource" : "MANDRIVA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2012:1551",`
			`"refsource" : "REDHAT",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://rhn.redhat.com/errata/RHSA-2012-1551.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2013:0180",`
			`"refsource" : "REDHAT",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://rhn.redhat.com/errata/RHSA-2013-0180.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:0013",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:0011",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:0014",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:0135",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:0156",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SU-2013:0262",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "openSUSE-SU-2013:1412",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00010.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "USN-1658-1",`
			`"refsource" : "UBUNTU",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.ubuntu.com/usn/USN-1658-1"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "USN-1703-1",`
			`"refsource" : "UBUNTU",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.ubuntu.com/usn/USN-1703-1"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "oval:org.mitre.oval:def:16395",`
			`"refsource" : "OVAL",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "51443",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/51443"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "53372",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/53372"`
			`}`
			`]`
			`}`
			`}`