Description
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Remediation
References
Related Vulnerabilities
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)
PHP HTML entity encoder heap overflow vulnerability
WordPress Plugin WP Gravity Forms Zendesk Cross-Site Scripting (1.0.7)
e107 Other Vulnerability (CVE-2005-3521)
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10334)