CVE-2012-1703 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Mysql

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources

Severity

6.8MEDIUMNVD

CNA4.0CISA7.8

EPSS

0.8%

top 25.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mariadb Oracle Mysql Redhat Enterprise Linux Desktop +4 more

Timeline

PublishedMay 3

Latest updateMay 13

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages6 packages

▶NVDoracle/mysql5.1.0 — 5.1.61+1

▶NVDredhat/enterprise_linux_server6.0

▶NVDmariadb/mariadb5.1.0 — 5.1.62+1

▶NVDredhat/enterprise_linux_desktop6.0

▶NVDredhat/enterprise_linux_hpc_node6.0

Also affects: Enterprise Linux 6.3.z

🔴Vulnerability Details

GHSA

GHSA-6xhq-pwm3-5877: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5↗2022-05-13

▶

CVEList

CVE-2012-1703: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5↗2012-05-03

▶

📋Vendor Advisories

CISA

Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability↗2022-03-03

▶

Red Hat

mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Apr 2012)↗2012-04-17

▶

Red Hat

mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Apr 2012)↗2012-04-17

▶

💬Community

Bugzilla

CVE-2012-1703 mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Apr 2012)↗2012-04-19

▶