{
  "threat_severity" : "Low",
  "public_date" : "2012-10-16T00:00:00Z",
  "bugzilla" : {
    "description" : "mysql: unspecified DoS vulnerability related to Server Full Text Search (CPU Oct 2012)",
    "id" : "867230",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=867230"
  },
  "cvss" : {
    "cvss_base_score" : "3.5",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:S/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search." ],
  "statement" : "On Red Hat Enterprise Linux 5.10, new MySQL 5.5 packages are available which are not vulnerable to this issue.  Future updates for MySQL 5.0 will no longer be made available (mysql-5.0.* and related packages); security advisories will be provided only for MySQL 5.5.  Please refer to https://rhn.redhat.com/errata/RHEA-2013-1330.html for further information.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-11-14T00:00:00Z",
    "advisory" : "RHSA-2012:1462",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "mysql-0:5.1.66-1.el6_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Under investigation",
    "package_name" : "mysql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-3167\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3167" ],
  "name" : "CVE-2012-3167",
  "csaw" : false
}