Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions up to and including 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mariadb mariadb 10.0.0 |
||
mariadb mariadb |
||
oracle mysql |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
suse linux enterprise software development kit 11 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |