mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
117 lines
4.4 KiB
JSON
117 lines
4.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2012-4414",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://mariadb.atlassian.net/browse/MDEV-382",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://mariadb.atlassian.net/browse/MDEV-382"
|
|
},
|
|
{
|
|
"name": "http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/",
|
|
"refsource": "MISC",
|
|
"url": "http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/"
|
|
},
|
|
{
|
|
"name": "MDVSA-2013:102",
|
|
"refsource": "MANDRIVA",
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2013:0156",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2013:0135",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2013:0011",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2013:0014",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB",
|
|
"refsource": "MLIST",
|
|
"url": "http://www.openwall.com/lists/oss-security/2012/09/11/4"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=852144",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852144"
|
|
},
|
|
{
|
|
"name": "http://bugs.mysql.com/bug.php?id=66550",
|
|
"refsource": "MISC",
|
|
"url": "http://bugs.mysql.com/bug.php?id=66550"
|
|
},
|
|
{
|
|
"name": "MDVSA-2013:150",
|
|
"refsource": "MANDRIVA",
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
|
|
},
|
|
{
|
|
"name": "55498",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/55498"
|
|
}
|
|
]
|
|
}
|
|
} |