CVE-2012-0882 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mysql

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.5HIGHNVD

EPSS

8.9%

top 7.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedDec 21

Latest updateMay 13

Description

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not c…

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmysql/mysql6 versions+5

▶NVDoracle/mysql81 versions+80

🔴Vulnerability Details

GHSA

GHSA-w3hv-rp5r-hr2c: Buffer overflow in yaSSL, as used in MySQL 5↗2022-05-13

▶

📋Vendor Advisories

Red Hat

mysql: unspecified remote exploit (released with VulnDisco Pack Professional 9.17)↗2012-02-09

▶

💬Community

Bugzilla

CVE-2012-0882 mysql: unspecified remote exploit (released with VulnDisco Pack Professional 9.17)↗2012-02-09

▶