CVE-2012-3160
First published: Tue Oct 16 2012(Updated: )
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MySQL | >=5.1.0<=5.1.65 | |
| MySQL | >=5.5.0<=5.5.27 | |
| Ubuntu Linux | =10.04 | |
| Ubuntu Linux | =11.10 | |
| Ubuntu Linux | =12.04 | |
| Ubuntu Linux | =12.10 | |
| Debian GNU/Linux | =6.0 | |
| Debian GNU/Linux | =7.0 | |
| Ariadne CMS | >=5.1.0<5.1.66 | |
| Ariadne CMS | >=5.5.0<5.5.28 | |
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux eus | =6.3 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux workstation | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2012-1462.html
- http://secunia.com/advisories/51177
- http://secunia.com/advisories/51309
- http://secunia.com/advisories/53372
- http://security.gentoo.org/glsa/glsa-201308-06.xml
- http://www.debian.org/security/2012/dsa-2581
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
- http://www.ubuntu.com/usn/USN-1621-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79394
Frequently Asked Questions
What is the severity of CVE-2012-3160?
CVE-2012-3160 has a variable severity rating, largely dependent on the deployment context.
How do I fix CVE-2012-3160?
To remediate CVE-2012-3160, upgrade MySQL Server to version 5.1.66 or later, or 5.5.28 or later.
What versions of MySQL are affected by CVE-2012-3160?
CVE-2012-3160 affects MySQL versions 5.1.65 and earlier, and 5.5.27 and earlier.
Can CVE-2012-3160 be exploited remotely?
CVE-2012-3160 primarily allows local users to affect confidentiality rather than being exploited remotely.
Are other database systems affected by CVE-2012-3160?
The CVE-2012-3160 vulnerability specifically pertains to Oracle MySQL and is not reported for other database systems.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/mysql
- version/mysql/5.1.0
- version/mysql/5.1.65
- version/mysql/5.5.0
- version/mysql/5.5.27
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/10.04
- version/ubuntu linux/11.10
- version/ubuntu linux/12.04
- version/ubuntu linux/12.10
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/6.0
- version/debian gnu/linux/7.0
- vendor/mariadb
- canonical/ariadne cms
- version/ariadne cms/5.1.0
- version/ariadne cms/5.5.0
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/6.3
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0