CVE-2012-2749 — Mysql vulnerability

CWE-3995 documents4 sources

Severity

4.0MEDIUMNVD

EPSS

0.5%

top 33.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedAug 17

Latest updateMay 13

Description

MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmysql/mysql6 versions+5

▶NVDoracle/mysql84 versions+83

🔴Vulnerability Details

GHSA

GHSA-3rhr-hm6q-fchf: MySQL 5↗2022-05-13

▶

📋Vendor Advisories

Red Hat

mysql: crash caused by wrong calculation of key length for sort order index↗2012-04-04

▶

💬Community

Bugzilla

CVE-2012-1734 mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jul 2012)↗2012-07-18

▶

Bugzilla

CVE-2012-2749 mysql: crash caused by wrong calculation of key length for sort order index↗2012-06-20

▶