Common Vulnerabilities and Exposures assigned an identifier CVE-2012-1689 to the following vulnerability: Name: CVE-2012-1689 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1689 Assigned: 20120316 Reference: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
This CVE may be a full or partial duplicate of CVE-2012-2750 (bug #833742). Upstream is unlikely to provide any further info, so we can't be sure.
A possible candidate for this issue is the following change: http://bazaar.launchpad.net/~mysql/mysql-server/5.1/revision/3695 Bug#13012483:EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN CHECK_SIMPLE_EQUALITY This should allow database user with SQL access without administrative privileges to trigger mysqld crash. The problem is not reproducible with mysql packages in Red Hat Enterprise Linux 5 and 6.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1462 https://rhn.redhat.com/errata/RHSA-2012-1462.html