CVE-2012-3167

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:N/I:N/A:P

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
http://secunia.com/advisories/51177	Not Applicable Third Party Advisory
http://secunia.com/advisories/51309	Not Applicable Third Party Advisory
http://secunia.com/advisories/53372	Not Applicable Third Party Advisory
http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
http://www.debian.org/security/2012/dsa-2581	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch Vendor Advisory
http://www.ubuntu.com/usn/USN-1621-1	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/79392	Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2012-1462.html	Third Party Advisory
http://secunia.com/advisories/51177	Not Applicable Third Party Advisory
http://secunia.com/advisories/51309	Not Applicable Third Party Advisory
http://secunia.com/advisories/53372	Not Applicable Third Party Advisory
http://security.gentoo.org/glsa/glsa-201308-06.xml	Third Party Advisory
http://www.debian.org/security/2012/dsa-2581	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch Vendor Advisory
http://www.ubuntu.com/usn/USN-1621-1	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/79392	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:6.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 5 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

History

21 Nov 2024, 01:40

Type	Values Removed	Values Added
References	~~() http://rhn.redhat.com/errata/RHSA-2012-1462.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2012-1462.html - Third Party Advisory
References	~~() http://secunia.com/advisories/51177 - Not Applicable, Third Party Advisory~~	() http://secunia.com/advisories/51177 - Not Applicable, Third Party Advisory
References	~~() http://secunia.com/advisories/51309 - Not Applicable, Third Party Advisory~~	() http://secunia.com/advisories/51309 - Not Applicable, Third Party Advisory
References	~~() http://secunia.com/advisories/53372 - Not Applicable, Third Party Advisory~~	() http://secunia.com/advisories/53372 - Not Applicable, Third Party Advisory
References	~~() http://security.gentoo.org/glsa/glsa-201308-06.xml - Third Party Advisory~~	() http://security.gentoo.org/glsa/glsa-201308-06.xml - Third Party Advisory
References	~~() http://www.debian.org/security/2012/dsa-2581 - Third Party Advisory~~	() http://www.debian.org/security/2012/dsa-2581 - Third Party Advisory
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link, Third Party Advisory~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link, Third Party Advisory
References	~~() http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html - Patch, Vendor Advisory
References	~~() http://www.ubuntu.com/usn/USN-1621-1 - Third Party Advisory~~	() http://www.ubuntu.com/usn/USN-1621-1 - Third Party Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/79392 - Third Party Advisory, VDB Entry~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/79392 - Third Party Advisory, VDB Entry

27 Oct 2022, 15:21

Type	Values Removed	Values Added
CPE	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::-::: cpe:2.3:a:mariadb:mariadb:::::::: cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
References	~~(SECUNIA) http://secunia.com/advisories/51177 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/51177 - Not Applicable, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/53372 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/53372 - Not Applicable, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/51309 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/51309 - Not Applicable, Third Party Advisory
References	~~(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Third Party Advisory~~	(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link, Third Party Advisory

Information

Published : 2012-10-17 00:55

Updated : 2024-11-21 01:40

NVD link : CVE-2012-3167

Mitre link : CVE-2012-3167

CVE.ORG link : CVE-2012-3167

JSON object : View

Products Affected

redhat

enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus

canonical

ubuntu_linux

mariadb

mariadb

oracle

mysql

debian

debian_linux

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-3167", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-10-17T00:55:01.573", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51177", "tags": ["Not Applicable", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51309", "tags": ["Not Applicable", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/53372", "tags": ["Not Applicable", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2012/dsa-2581", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link", "Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-1621-1", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79392", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51177", "tags": ["Not Applicable", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51309", "tags": ["Not Applicable", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/53372", "tags": ["Not Applicable", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2012/dsa-2581", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-1621-1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79392", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Server Full Text Search."}], "lastModified": "2024-11-21T01:40:20.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D708F61-BC0C-45D3-9CB7-2DBC18D8469E", "versionEndIncluding": "5.1.63", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4967DDAD-EE63-4408-B5FC-0861BE203372", "versionEndIncluding": "5.5.25", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "535422B3-8693-4F8E-A5EC-BFA622052FC9", "versionEndExcluding": "5.1.66", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56C968B2-7A65-4BE6-881D-F6248189EA32", "versionEndExcluding": "5.5.27", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}

3.5 /10