Wind River Support Network

HomeDefectsLIN5-13204
Fixed

LIN5-13204 : Security Advisory - mysql - CVE-2012-4414

Created: Feb 3, 2013    Updated: Dec 19, 2017
Resolved Date: Mar 27, 2014
Previous ID: LIN3-19900
Found In Version: 5.0
Fix Version: 5.0.1.14
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log.  NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4414

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online