Description

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

Remediation

References

CVE-2006-1516

Related Vulnerabilities

ownCloud Other Vulnerability (CVE-2014-2056)

WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress SQL Injection (1.0.10)

Oracle Database Server CVE-2012-3134 Vulnerability (CVE-2012-3134)

OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-1292)

WordPress Plugin Font Uploader 'font-upload.php' Arbitrary File Upload (1.2.4)

Severity

Medium

Classification

CVE-2006-1516

Tags

Missing Update Known Vulnerabilities