Bug 882599

Summary: CVE-2012-5611 mysql: Stack-based buffer overflow
Product: [Other] Security Response Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED DUPLICATE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: byte, hhorak, redhat, roomojee, tgl
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=important,public=20121201,reported=20121202,source=internet,cvss2=6.5/AV:N/AC:L/Au:S/C:P/I:P/A:P,rhel-5/mysql=affected,rhel-6/mysql=affected,fedora-all/mysql=affected,cwe=CWE-121[auto]
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-03 04:40:32 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 882596    

Description Huzaifa S. Sidhpurwala 2012-12-02 01:47:21 EST
A stack-based buffer overflow was found in Mysql. An authenticated database user could use this flaw to cause mysqld to crash or possibly execute arbitrary code with the privileges of the user running mysql.

Reference:
http://seclists.org/fulldisclosure/2012/Dec/4
Comment 1 Huzaifa S. Sidhpurwala 2012-12-02 01:48:24 EST
This flaw was assigned CVE-2012-5611
Comment 3 Huzaifa S. Sidhpurwala 2012-12-03 04:40:32 EST

*** This bug has been marked as a duplicate of bug 881064 ***