Unrated severityNVD Advisory· Published Jan 22, 2013· Updated Apr 29, 2026
CVE-2012-4414
CVE-2012-4414
Description
Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
98cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*+ 39 more
- cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
- (no CPE)range: <=5.1.62, <=5.2.12, <=5.3.7, <=5.5.25
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*+ 38 more
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*range: <=5.5.28
- cpe:2.3:a:oracle:mysql:5.1.51:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.52:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.52:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.54:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.55:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.56:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.57:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.58:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.59:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.60:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.61:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.62:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.63:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.64:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.65:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.66:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.67:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
- (no CPE)range: <5.5.29
- osv-coords19 versionspkg:rpm/opensuse/mariadb&distro=openSUSE%20Tumbleweedpkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 10.0.22-3.8+ 18 more
- (no CPE)range: < 10.0.22-3.8
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- bugs.mysql.com/bug.phpnvd
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/nvd
- www.openwall.com/lists/oss-security/2012/09/11/4nvd
- www.securityfocus.com/bid/55498nvd
- bugzilla.redhat.com/show_bug.cginvd
- mariadb.atlassian.net/browse/MDEV-382nvd
News mentions
0No linked articles in our index yet.