PT-2012-6059 · Mariadb+2 · Mariadb+3

Huzaifa Sidhpurwala · Published 2012-12-03 · Updated 2024-06-15 · CVE-2012-5612

CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions
Oracle MySQL versions 5.5.19 through 5.5.28
MariaDB versions 5.5.28a and possibly other versions

Description
A heap-based buffer overflow issue allows remote authenticated users to cause a denial of service, resulting in memory corruption and crash, and possibly execute arbitrary code. This can be demonstrated using various database commands, including USE, SHOW TABLES, DESCRIBE, SHOW FIELDS FROM, SHOW COLUMNS FROM, SHOW INDEX FROM, CREATE TABLE, DROP TABLE, ALTER TABLE, DELETE FROM, UPDATE, and SET PASSWORD.

Recommendations
For Oracle MySQL versions 5.5.19 through 5.5.28, update to a version outside of this range to resolve the issue.
For MariaDB versions 5.5.28a and possibly other versions, consider restricting access to the affected database commands as a temporary workaround until a patch is available.

Exploit · Fix · DoS · Memory Corruption


Weakness Enumeration

Related Identifiers

CVE-2012-5612
OPENSUSE-SU-2024:10153-1
SUSE-RU-2023:3956-1
SUSE-RU-2023:4991-1

Affected Products

Mariadb
Mariadb Server
Mysql Server
Suse