Vulnerability CVE-2012-4414

Vulnerability Name:

CVE-2012-4414 (CCN-78421)

Assigned:

2012-09-11

Published:

2012-09-11

Updated:

2023-02-13

Summary:

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
5.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Data Manipulation

References:

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2012-4414

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: MariaDB Web Site
MariaDB

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-55498
MariaDB CVE-2012-4414 Multiple SQL Injection Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 852144
CVE-2012-4414 mysql: Multiple SQL injection flaws by generation of binlog entries

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
mariadb-multiple-sql-injection(78421)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20124414	V	CVE-2012-4414	2022-06-30
oval:org.opensuse.security:def:993	P	Security update for helm-mirror (Moderate)	2022-05-31
oval:org.opensuse.security:def:1515	P	Security update for MozillaThunderbird (Important)	2022-05-17
oval:org.opensuse.security:def:112715	P	libmysqlclient-devel-10.0.22-3.8 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:64636	P	Security update for python3 (Moderate)	2021-12-13
oval:org.opensuse.security:def:1048	P	Security update for wireshark (Moderate)	2021-12-06
oval:org.opensuse.security:def:68070	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-10-14
oval:org.opensuse.security:def:106188	P	libmysqlclient-devel-10.0.22-3.8 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:103705	P	libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71423	P	xscreensaver-5.37-3.51 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71310	P	libserf-1-1-1.3.9-2.31 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63215	P	libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:90050	P	libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2126	P	libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:97015	P	libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:47975	P	coreutils-8.25-13.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47570	P	bzip2-1.0.6-29.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48215	P	libvirglrenderer0-0.5.0-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47705	P	libexif12-0.6.21-8.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47514	P	tcpdump-4.9.0-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48030	P	grub2-2.02-12.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47529	P	xdg-utils-20140630-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48270	P	perl-XML-LibXML-2.0019-6.3.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47843	P	pam_ssh-2.0-1.39 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47569	P	busybox-1.21.1-3.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48067	P	libQt5Concurrent5-5.6.2-6.15.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47584	P	cups-1.7.5-20.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47898	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47515	P	tftp-5.2-10.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48122	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47650	P	java-1_7_0-openjdk-1.7.0.181-43.15.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:64723	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:1570	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:48484	P	libblkid1-2.28-40.28 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48630	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48726	P	icu-52.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48513	P	libjson-c2-0.11-2.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48640	P	update-alternatives-1.18.4-14.216 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48742	P	libqt4-sql-mysql-32bit-4.8.6-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48568	P	libvte9-0.28.2-19.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48695	P	libssh4-0.6.3-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48429	P	glibc-2.22-49.16 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48797	P	libpolkit0-32bit-0.113-5.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48575	P	logwatch-7.4.3-15.65 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48671	P	freerdp-1.0.2-7.9 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:67970	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:2071	P	libmysqld-devel-10.2.15-1.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63160	P	libmysqld-devel-10.2.15-1.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49957	P	libopenvswitch-2_8-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49956	P	libmysqld-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50011	P	libmysqld-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49902	P	rmt-server-pubcloud on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20124414000	V	CVE-2012-4414 on Ubuntu 12.04 LTS (precise) - medium.	2013-01-22

BACK