Vulnerability Name:

CVE-2012-2750 (CCN-77865)

Assigned:2012-08-03
Published:2012-08-03
Updated:2022-06-23
Summary:Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533.
Note: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
CVSS v3 Severity:3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2012-2750

Source: CCN
Type: MySQL Web site
MySQL

Source: CONFIRM
Type: Broken Link
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html

Source: DEBIAN
Type: Third Party Advisory
DSA-2780

Source: DEBIAN
Type: DSA-2780
mysql-5.1 -- several vulnerabilities

Source: MANDRIVA
Type: Third Party Advisory
MDVSA-2013:250

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update - October 2013

Source: BID
Type: Third Party Advisory, VDB Entry
63125

Source: CCN
Type: BID-63125
Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability

Source: SECTRACK
Type: Broken Link, Third Party Advisory, VDB Entry
1029184

Source: CCN
Type: Red Hat Bugzilla Bug 833742
CVE-2012-2750 mysql: unspecified flaw

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=833742

Source: XF
Type: UNKNOWN
mysql-cve20122750-dos(77865)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2012-2750

Vulnerable Configuration:Configuration 1:
  • cpe:/a:oracle:mysql:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.23)

    • Configuration 2:
  • cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 5.5.0 and <= 5.5.23)

    • Configuration 3:
  • cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.22:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:19679
    P
    		DSA-2780-1 mysql-5.1 - several
    2014-06-23
    oval:com.ubuntu.precise:def:20122750000
    V
    		CVE-2012-2750 on Ubuntu 12.04 LTS (precise) - medium.
    2012-08-16
    BACK
    oracle mysql *
    mariadb mariadb *
    debian debian linux 6.0
    oracle mysql 5.5.0
    oracle mysql 5.5.1
    oracle mysql 5.5.2
    oracle mysql 5.5.3
    oracle mysql 5.5.4
    oracle mysql 5.5.5
    oracle mysql 5.5.8
    oracle mysql 5.5.10
    oracle mysql 5.5.11
    oracle mysql 5.5.12
    oracle mysql 5.5.13
    oracle mysql 5.5.14
    oracle mysql 5.5.15
    oracle mysql 5.5.16
    oracle mysql 5.5.17
    oracle mysql 5.5.18
    oracle mysql 5.5.19
    oracle mysql 5.5.20
    oracle mysql 5.5.21
    oracle mysql 5.5.9
    oracle mysql 5.5.7
    oracle mysql 5.5.6
    oracle mysql 5.5.22