If the actual input to a transaction (in Monero terminology this is the output of the prior transaction) is not also an input to another transaction's ring signature (and when all the other inputs to the ring are spent) or if it is also the input to a subsequent ring in which all the other inputs were outputs created after the said transaction was created, then the anonymity of the said transaction is entirely unmasked.
This is really
what MRL-0004 deals with (the section on Temporal Association attacks).
A lot of this changes with the recommendations MRL4 made, which will come in a hard fork later this year (once we've established a forking strategy, per
this forum post).
I don't check this thread, so if you reply and don't hear back from me in a couple of days just send me a PM nudging me:)
The MRL4 imperfect heuristic mitigations notwithstanding, the only absolute solution is to require that sets of outputs be mixed with and only with each other (and the number of inputs per ring must be constant). This also enables pruning the Cryptonote block chain. There I have just given away one of my prior design "secrets" (that I no longer need to keep secret because I stumbled onto a consensus network design which no longer needs pruning and is transaction technology agnostic). Perhaps others already suggested this?
P.S. for those who have already spent their coins to a third party, your hard fork will come too late. Hope you can make necessary improvements sooner.