Description

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

Remediation

References

CVE-2006-1516

Related Vulnerabilities

WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace Cross-Site Request Forgery (2.9.10)

OpenSSL Resource Management Errors Vulnerability (CVE-2016-0798)

WordPress Plugin Instagram Feed Unspecified Vulnerability (1.11.3)

WordPress Plugin Social Review includes Backdoor [Only if downloaded via the vendor website] (1.0.8)

WordPress Plugin Easy PayPal Buy Now Button Cross-Site Scripting (1.7.3)

Severity

Medium

Classification

CVE-2006-1516

Tags

Missing Update Known Vulnerabilities