CVE-2012-5611
CVE-2012-5611
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/23075unverifiedexploitdbwww.exploit-db.com/exploits/23075unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.htmlhttp://lists.opensuse.org/opensuse-updates/2013-09/msg00010.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1551.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0180.htmlhttp://seclists.org/fulldisclosure/2012/Dec/4http://secunia.com/advisories/51443http://secunia.com/advisories/53372