Description

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

Remediation

References

CVE-2006-1516

Related Vulnerabilities

WordPress Plugin Facebook for WooCommerce Cross-Site Request Forgery (1.9.14)

WordPress Plugin Easy Comment Uploads 'upload.php' Arbitrary File Upload (0.61)

WordPress Plugin Responsive Gallery Grid Cross-Site Scripting (2.3.8)

WordPress Plugin Ready! Ecommerce Shopping Cart Multiple Cross-Site Request Forgery Vulnerabilities (0.5.0)

WordPress Plugin GigPress Multiple SQL Injection Vulnerabilities (2.3.8)

Severity

Medium

Classification

CVE-2006-1516

Tags

Missing Update Known Vulnerabilities