Description

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

Remediation

References

CVE-2006-1516

Related Vulnerabilities

AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521)

Oracle JRE CVE-2013-1537 Vulnerability (CVE-2013-1537)

Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238)

WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Arbitrary File Upload (3.4.3)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-31546)

Severity

Medium

Classification

CVE-2006-1516

Tags

Missing Update Known Vulnerabilities