CVE-2012-5614

Oracle MySQL <5.1.67 & <5.5.29 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5614. PoCs published by kingcope.

AI-analyzed exploit summary: This exploit demonstrates a Denial of Service (DoS) vulnerability in MySQL 5.5.19-log by sending a malformed command that triggers a segmentation fault. The PoC uses the Net::MySQL Perl module to execute a crafted command, causing the MySQL server to crash.

Description

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.

Exploits (1)

exploitdb WORKING POC
by kingcope · text · dos · linux
https://www.exploit-db.com/exploits/23078

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: MySQL 5.5.19-log
Auth required
Prerequisites: Valid MySQL credentials · Network access to the MySQL server
devstral-2 · analyzed Feb 16, 2026

References (11)

Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027829
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/53372
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/12/02/3
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201308-06.xml
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/12/02/4
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0772.html
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2012/Dec/7
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=882607
Broken Link, Patch x_refsource_misc
https://mariadb.atlassian.net/browse/MDEV-3910
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Scores

EPSS 0.1318
EPSS Percentile 95.9%

Details

Status published
Products (7)
mariadb/mariadb 5.5.0 - 5.5.30
oracle/mysql 5.1.0 - 5.1.67
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_eus 6.4
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server_aus 6.4
redhat/enterprise_linux_workstation 6.0
Published Dec 03, 2012
Tracked Since Feb 18, 2026