2006-08-09 22:00:00
mitre
PUBLISHED
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the users privileges are revoked for the original table, which might violate intended security policy.