Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability

Bugtraq ID:	53058
Class:	Unknown
CVE:	CVE-2012-1703
Remote:	Yes
Local:	No
Published:	Apr 17 2012 12:00AM
Updated:	Aug 30 2013 12:13AM
Credit:	Oracle
Vulnerable:	Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 MySQL AB MySQL 5.5.21 MySQL AB MySQL 5.5.20 MySQL AB MySQL 5.5 -ms2 MySQL AB MySQL 5.5 MySQL AB MySQL 5.1.61 MySQL AB MySQL 5.1.60 MySQL AB MySQL 5.1.52 MySQL AB MySQL 5.1.51 MySQL AB MySQL 5.1.50 MySQL AB MySQL 5.1.49 MySQL AB MySQL 5.1.48 MySQL AB MySQL 5.1.47 MySQL AB MySQL 5.1.46 MySQL AB MySQL 5.1.45 MySQL AB MySQL 5.1.44 MySQL AB MySQL 5.1.43 MySQL AB MySQL 5.1.42 MySQL AB MySQL 5.1.42 MySQL AB MySQL 5.1.41 MySQL AB MySQL 5.1.39 MySQL AB MySQL 5.1.38 MySQL AB MySQL 5.1.37 MySQL AB MySQL 5.1.36 MySQL AB MySQL 5.1.35 MySQL AB MySQL 5.1.34 MySQL AB MySQL 5.1.33 MySQL AB MySQL 5.1.32 MySQL AB MySQL 5.1.31 MySQL AB MySQL 5.1.30 MySQL AB MySQL 5.1.26 MySQL AB MySQL 5.1.23 MySQL AB MySQL 5.1.22 MySQL AB MySQL 5.1.21 MySQL AB MySQL 5.1.20 MySQL AB MySQL 5.1.18 MySQL AB MySQL 5.1.17 MySQL AB MySQL 5.1.16 MySQL AB MySQL 5.1.15 MySQL AB MySQL 5.1.14 MySQL AB MySQL 5.1.13 MySQL AB MySQL 5.1.12 MySQL AB MySQL 5.1.11 MySQL AB MySQL 5.1.10 MySQL AB MySQL 5.1.9 MySQL AB MySQL 5.1.8 MySQL AB MySQL 5.1.6 MySQL AB MySQL 5.1.5 MySQL AB MySQL 5.1.4 MySQL AB MySQL 5.1.3 MySQL AB MySQL 5.1.2 MySQL AB MySQL 5.1.1 8 MySQL AB MySQL 5.0.63 MySQL AB MySQL 5.1.5A MySQL AB MySQL 5.1.46 Sp1 MySQL AB MySQL 5.1.43 Sp1 MySQL AB MySQL 5.1.40 Sp1 MySQL AB MySQL 5.1.40 MySQL AB MySQL 5.1.37 Sp1 MySQL AB MySQL 5.1.34 Sp1 MySQL AB MySQL 5.1.32-Bzr MySQL AB MySQL 5.1.31 Sp1 MySQL AB MySQL 5.1.29 MySQL AB MySQL 5.1.28 MySQL AB MySQL 5.1.27 MySQL AB MySQL 5.1.25 MySQL AB MySQL 5.1.24 MySQL AB MySQL 5.1.23A MySQL AB MySQL 5.1.23 Bk MySQL AB MySQL 5.1.23 A MySQL AB MySQL 5.1.19 MySQL AB MySQL 5.1 Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 CentOS CentOS 6
Not Vulnerable:

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability

Oracle MySQL is prone to a remote vulnerability in MySQL Server.

The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'Server Optimizer' sub component is affected.

This vulnerability affects the following supported versions:
5.1.61 and earlier, 5.5.21 and earlier

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability

Solution:
Vendor updates are available. Please contact the vendor for more information.

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability

References:

• Oracle Critical Patch Update Advisory - April 2012 (Oracle)