Unrated severityNVD Advisory· Published Dec 3, 2012· Updated Apr 29, 2026
CVE-2012-5611
CVE-2012-5611
Description
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Affected products
46cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*+ 43 more
- cpe:2.3:a:mariadb:mariadb:5.1.41:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.42:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.44:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.47:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.49:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.50:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.51:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.53:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.55:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.60:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.61:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.1.62:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:mysql:5.1.53:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-09/msg00010.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2012-1551.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-0180.htmlnvdThird Party Advisory
- seclists.org/fulldisclosure/2012/Dec/4nvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/glsa-201308-06.xmlnvdThird Party Advisory
- www.debian.org/security/2012/dsa-2581nvdThird Party Advisory
- www.exploit-db.com/exploits/23075nvdThird Party AdvisoryVDB Entry
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2012/12/02/3nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2012/12/02/4nvdMailing ListThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpujan2013-1515902.htmlnvdThird Party Advisory
- www.ubuntu.com/usn/USN-1658-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1703-1nvdThird Party Advisory
- kb.askmonty.org/en/mariadb-5166-release-notes/nvdThird Party Advisory
- kb.askmonty.org/en/mariadb-5213-release-notes/nvdThird Party Advisory
- kb.askmonty.org/en/mariadb-5311-release-notes/nvdThird Party Advisory
- kb.askmonty.org/en/mariadb-5528a-release-notes/nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395nvdThird Party Advisory
- secunia.com/advisories/51443nvdBroken Link
- secunia.com/advisories/53372nvdBroken Link
News mentions
0No linked articles in our index yet.