CVE-2012-1689

Name	CVE-2012-1689
Description	Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References	DSA-2496-1
NVD severity	medium (attack range: remote)
Debian Bugs	682210, 682212

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mysql-5.5 (PTS)	wheezy	5.5.47-0+deb7u1	fixed
	wheezy (security)	5.5.57-0+deb7u1	fixed
	jessie	5.5.55-0+deb8u1	fixed
	jessie (security)	5.5.57-0+deb8u1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mysql-5.1	source	(unstable)	(unfixed)	medium		682212
mysql-5.1	source	squeeze	5.1.63-0+squeeze1	medium	DSA-2496-1
mysql-5.5	source	(unstable)	5.5.24+dfsg-1	medium		682210