CVE-2006-4031
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user’s privileges are revoked for the original table, which might violate intended security policy.
Date published : 2006-08-09
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html