What is the severity of CVE-2012-4414?

CVE-2012-4414 is categorized as a high severity vulnerability due to the potential for unauthorized access to database information via SQL injection.

How do I fix CVE-2012-4414?

To remediate CVE-2012-4414, upgrade to a version of MySQL that has mitigated this vulnerability, specifically versions later than 5.5.28 and 5.1.63.

What types of vulnerabilities are associated with CVE-2012-4414?

CVE-2012-4414 is associated with SQL injection vulnerabilities, which allow an attacker to manipulate SQL queries.

Which software versions are affected by CVE-2012-4414?

CVE-2012-4414 affects specific MySQL versions from 5.1.51 to 5.5.28 and several MariaDB versions before their respective patches.

Can CVE-2012-4414 lead to data breaches?

Yes, if exploited, CVE-2012-4414 can lead to data breaches by allowing attackers to execute unauthorized SQL commands.

Vulnerability/
CVE-2012-4414

medium

6.5

CWE

27/8/2012

22/1/2013

13/2/2023

CVE-2012-4414: SQL Injection

First published: Mon Aug 27 2012(Updated: )

Multiple SQL injection flaws were found in the way the binlog functionality (routines producing events describing database changes such as table creation operations or changes to table data) of MySQL, a multi-user, multi-threaded SQL database server, performed sanitization of table names and other fields prior creating particular log entry. Authorised database users (with privilege to modify tables) could use this flaw to inject arbitrary SQL query into subsequently generated binlog entries. References: [1] <a href="https://mariadb.atlassian.net/browse/MDEV-382">https://mariadb.atlassian.net/browse/MDEV-382</a> MariaDB patches: [2] <a href="http://bazaar.launchpad.net/~maria-captains/maria/5.1/revision/3151.1.1">http://bazaar.launchpad.net/~maria-captains/maria/5.1/revision/3151.1.1</a> (against 5.1 branch) [3] <a href="http://bazaar.launchpad.net/~maria-captains/maria/5.2/revision/3163.1.1">http://bazaar.launchpad.net/~maria-captains/maria/5.2/revision/3163.1.1</a> (against 5.2 branch) [4] <a href="http://bazaar.launchpad.net/~maria-captains/maria/5.3/revision/3556.1.2">http://bazaar.launchpad.net/~maria-captains/maria/5.3/revision/3556.1.2</a> (against 5.3 branch) [5] <a href="http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/3508">http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/3508</a> (against 5.5 branch) MySQL bug: [6] <a href="http://bugs.mysql.com/66550">http://bugs.mysql.com/66550</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Oracle MySQL	<=5.5.28
Oracle MySQL	=5.1.51
Oracle MySQL	=5.1.52
Oracle MySQL	=5.1.52-sp1
Oracle MySQL	=5.1.53
Oracle MySQL	=5.1.54
Oracle MySQL	=5.1.55
Oracle MySQL	=5.1.56
Oracle MySQL	=5.1.57
Oracle MySQL	=5.1.58
Oracle MySQL	=5.1.59
Oracle MySQL	=5.1.60
Oracle MySQL	=5.1.61
Oracle MySQL	=5.1.62
Oracle MySQL	=5.1.63
Oracle MySQL	=5.1.64
Oracle MySQL	=5.1.65
Oracle MySQL	=5.1.66
Oracle MySQL	=5.1.67
Oracle MySQL	=5.5.10
Oracle MySQL	=5.5.11
Oracle MySQL	=5.5.12
Oracle MySQL	=5.5.13
Oracle MySQL	=5.5.14
Oracle MySQL	=5.5.15
Oracle MySQL	=5.5.16
Oracle MySQL	=5.5.17
Oracle MySQL	=5.5.18
Oracle MySQL	=5.5.19
Oracle MySQL	=5.5.20
Oracle MySQL	=5.5.21
Oracle MySQL	=5.5.22
Oracle MySQL	=5.5.23
Oracle MySQL	=5.5.24
Oracle MySQL	=5.5.25
Oracle MySQL	=5.5.25-a
Oracle MySQL	=5.5.26
Oracle MySQL	=5.5.27
MariaDB	=5.1.41
MariaDB	=5.1.42
MariaDB	=5.1.44
MariaDB	=5.1.47
MariaDB	=5.1.49
MariaDB	=5.1.50
MariaDB	=5.1.51
MariaDB	=5.1.53
MariaDB	=5.1.55
MariaDB	=5.1.60
MariaDB	=5.1.61
MariaDB	=5.1.62
MariaDB	=5.2.0
MariaDB	=5.2.1
MariaDB	=5.2.2
MariaDB	=5.2.3
MariaDB	=5.2.4
MariaDB	=5.2.5
MariaDB	=5.2.6
MariaDB	=5.2.7
MariaDB	=5.2.8
MariaDB	=5.2.9
MariaDB	=5.2.10
MariaDB	=5.2.11
MariaDB	=5.2.12
MariaDB	=5.3.0
MariaDB	=5.3.1
MariaDB	=5.3.2
MariaDB	=5.3.3
MariaDB	=5.3.4
MariaDB	=5.3.5
MariaDB	=5.3.6
MariaDB	=5.3.7
MariaDB	=5.5.20
MariaDB	=5.5.21
MariaDB	=5.5.22
MariaDB	=5.5.23
MariaDB	=5.5.24
MariaDB	=5.5.25

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-4414?
CVE-2012-4414 is categorized as a high severity vulnerability due to the potential for unauthorized access to database information via SQL injection.
How do I fix CVE-2012-4414?
To remediate CVE-2012-4414, upgrade to a version of MySQL that has mitigated this vulnerability, specifically versions later than 5.5.28 and 5.1.63.
What types of vulnerabilities are associated with CVE-2012-4414?
CVE-2012-4414 is associated with SQL injection vulnerabilities, which allow an attacker to manipulate SQL queries.
Which software versions are affected by CVE-2012-4414?
CVE-2012-4414 affects specific MySQL versions from 5.1.51 to 5.5.28 and several MariaDB versions before their respective patches.
Can CVE-2012-4414 lead to data breaches?
Yes, if exploited, CVE-2012-4414 can lead to data breaches by allowing attackers to execute unauthorized SQL commands.

collector/redhat-bugzilla
alias/CVE-2012-4414
agent/type
agent/first-publish-date
agent/last-modified-date
agent/references
agent/description
agent/severity
agent/weakness
agent/author
agent/event
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle mysql
version/oracle mysql/5.5.28
version/oracle mysql/5.1.51
version/oracle mysql/5.1.52
version/oracle mysql/5.1.52-sp1
version/oracle mysql/5.1.53
version/oracle mysql/5.1.54
version/oracle mysql/5.1.55
version/oracle mysql/5.1.56
version/oracle mysql/5.1.57
version/oracle mysql/5.1.58
version/oracle mysql/5.1.59
version/oracle mysql/5.1.60
version/oracle mysql/5.1.61
version/oracle mysql/5.1.62
version/oracle mysql/5.1.63
version/oracle mysql/5.1.64
version/oracle mysql/5.1.65
version/oracle mysql/5.1.66
version/oracle mysql/5.1.67
version/oracle mysql/5.5.10
version/oracle mysql/5.5.11
version/oracle mysql/5.5.12
version/oracle mysql/5.5.13
version/oracle mysql/5.5.14
version/oracle mysql/5.5.15
version/oracle mysql/5.5.16
version/oracle mysql/5.5.17
version/oracle mysql/5.5.18
version/oracle mysql/5.5.19
version/oracle mysql/5.5.20
version/oracle mysql/5.5.21
version/oracle mysql/5.5.22
version/oracle mysql/5.5.23
version/oracle mysql/5.5.24
version/oracle mysql/5.5.25
version/oracle mysql/5.5.25-a
version/oracle mysql/5.5.26
version/oracle mysql/5.5.27
vendor/mariadb
canonical/mariadb
version/mariadb/5.1.41
version/mariadb/5.1.42
version/mariadb/5.1.44
version/mariadb/5.1.47
version/mariadb/5.1.49
version/mariadb/5.1.50
version/mariadb/5.1.51
version/mariadb/5.1.53
version/mariadb/5.1.55
version/mariadb/5.1.60
version/mariadb/5.1.61
version/mariadb/5.1.62
version/mariadb/5.2.0
version/mariadb/5.2.1
version/mariadb/5.2.2
version/mariadb/5.2.3
version/mariadb/5.2.4
version/mariadb/5.2.5
version/mariadb/5.2.6
version/mariadb/5.2.7
version/mariadb/5.2.8
version/mariadb/5.2.9
version/mariadb/5.2.10
version/mariadb/5.2.11
version/mariadb/5.2.12
version/mariadb/5.3.0
version/mariadb/5.3.1
version/mariadb/5.3.2
version/mariadb/5.3.3
version/mariadb/5.3.4
version/mariadb/5.3.5
version/mariadb/5.3.6
version/mariadb/5.3.7
version/mariadb/5.5.20
version/mariadb/5.5.21
version/mariadb/5.5.22
version/mariadb/5.5.23
version/mariadb/5.5.24
version/mariadb/5.5.25