CVE-2012-5383

Name of the Vulnerable Software and Affected Versions Oracle MySQL version 5.5.28

Description The issue is related to an untrusted search path vulnerability in the installation functionality of Oracle MySQL. This vulnerability might allow local users to gain privileges via a Trojan horse DLL in the "C:MySQLMySQL Server 5.5bin" directory. The vulnerability can be exploited if this directory is added to the PATH system environment variable by an administrator. A demonstration of this vulnerability involves a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in various Windows operating systems, including Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview.

Recommendations For Oracle MySQL version 5.5.28, consider removing the "C:MySQLMySQL Server 5.5bin" directory from the PATH system environment variable to prevent exploitation. As a temporary workaround, restrict access to the wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.