Description
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
Remediation
References
Related Vulnerabilities
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15098)
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2025-64460)
WordPress Plugin Booking Calendar-Appointment Booking-BookIt Unspecified Vulnerability (2.3.8)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-6623)