CVE-2013-1492 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mysql

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents5 sources

Severity

7.5HIGHNVD

EPSS

1.1%

top 22.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Oracle Mysql

Timeline

PublishedMar 28

Latest updateMay 13

Description

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmysql/mysql6 versions+5

▶NVDoracle/mysql95 versions+94

🔴Vulnerability Details

GHSA

GHSA-8qfx-94fg-9j72: Buffer overflow in yaSSL, as used in MySQL 5↗2022-05-13

▶

GHSA

GHSA-32hc-mvpr-c38m: Buffer overflow in yaSSL, as used in MySQL 5↗2022-05-04

▶

📋Vendor Advisories

Ubuntu

MySQL vulnerabilities↗2013-04-25

▶

Ubuntu

MySQL vulnerabilities↗2013-04-25

▶

Red Hat

mysql: yaSSL buffer overflow (a different flaw than CVE-2012-0553)↗2013-03-19

▶

Red Hat

mysql: yaSSL buffer overflow ((a different flaw than CVE-2013-1492)↗2013-03-19

▶

💬Community

Bugzilla

CVE-2012-0553 mysql: yaSSL buffer overflow ((a different flaw than CVE-2013-1492)↗2013-03-29

▶

Bugzilla

CVE-2013-1492 mysql: yaSSL buffer overflow (a different flaw than CVE-2012-0553)↗2013-03-29

▶