Description
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Remediation
References
Related Vulnerabilities
Jetty Insufficient Session Expiration Vulnerability (CVE-2021-34428)
WordPress Plugin TinyMCE Advanced Cross-Site Request Forgery (4.1)
Next.js Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-46982)
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.69)
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)