Unrated severityNVD Advisory· Published Dec 3, 2012· Updated Jun 16, 2026
CVE-2012-5614
CVE-2012-5614
Description
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*range: >=5.1.0,<=5.1.67
- (no CPE)range: <=5.1.67, <=5.5.29
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
11- mariadb.atlassian.net/browse/MDEV-3910nvdBroken LinkPatch
- seclists.org/fulldisclosure/2012/Dec/7nvdExploitMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-0772.htmlnvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201308-06.xmlnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2012/12/02/3nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2012/12/02/4nvdMailing ListThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.htmlnvdVendor Advisory
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- secunia.com/advisories/53372nvdNot Applicable
- www.mandriva.com/security/advisoriesnvdBroken Link
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.