Description

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

Remediation

References

CVE-2004-0957

Related Vulnerabilities

Lighttpd Other Vulnerability (CVE-2007-3950)

WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.4.6)

WordPress Plugin FCChat Widget 'Upload.php' Arbitrary File Upload (2.2.13.1)

WordPress Plugin Event Organiser Cross-Site Scripting (2.12.4)

Oracle Database Server CVE-2009-1985 Vulnerability (CVE-2009-1985)

Severity

Medium

Classification

CVE-2004-0957

Tags

Missing Update Known Vulnerabilities