Description

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

Remediation

References

CVE-2006-4031

Related Vulnerabilities

MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8289)

WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (1.8.6)

Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2000-0649)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2317)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1407)

Severity

Low

Classification

CVE-2006-4031

Tags

Missing Update Known Vulnerabilities