Description

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

Remediation

References

CVE-2004-0957

Related Vulnerabilities

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588)

WordPress Plugin WP Mail Log Cross-Site Request Forgery (1.0.1)

WordPress Plugin Logo Carousel Cross-Site Scripting (1.7.1)

IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-1103)

WebLogic CVE-2021-35552 Vulnerability (CVE-2021-35552)

Severity

Medium

Classification

CVE-2004-0957

Tags

Missing Update Known Vulnerabilities