CVE-2012-5611

NameCVE-2012-5611
DescriptionStack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2581-1
Debian Bugs695001

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mysql-5.1sourcesqueeze5.1.66-0+squeeze1DSA-2581-1
mysql-5.1source(unstable)(unfixed)695001
mysql-5.5source(unstable)5.5.29+dfsg-1695001

Notes

http://seclists.org/fulldisclosure/2012/Dec/4

Search for package or bug name: Reporting problems