CVE-2012-2102 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mysql

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources

Severity

3.5LOWNVD

EPSS

0.5%

top 35.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedAug 17

Latest updateMay 13

Description

MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

▶NVDmysql/mysql6 versions+5

▶NVDoracle/mysql81 versions+80

🔴Vulnerability Details

GHSA

GHSA-jwxg-6x5j-r846: MySQL 5↗2022-05-13

▶

📋Vendor Advisories

Red Hat

mysql: Server crash on HANDLER READ NEXT after DELETE↗2012-03-21

▶

💬Community

Bugzilla

mysql: Oracle CPU April 2012↗2012-06-15

▶

Bugzilla

CVE-2012-2102 mysql: Server crash on HANDLER READ NEXT after DELETE↗2012-04-13

▶