[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2286-1 phpymadmin -- several

ID: oval:org.secpod.oval:def:600595Date: (C)2011-07-29   (M)2023-11-09
Class: PATCHFamily: unix




Several vulnerabilities were discovered in phpMyAdmin, a tool to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2505 Possible session manipulation in Swekey authentication. CVE-2011-2506 Possible code injection in setup script, in case session variables are compromised. CVE-2011-2507 Regular expression quoting issue in Synchronize code. CVE-2011-2508 Possible directory traversal in MIME-type transformation. CVE-2011-2642 Cross site scripting in table Print view when the attacker can create crafted table names. No CVE name yet Possible superglobal and local variables manipulation in Swekey authentication. The oldstable distribution is only affected by CVE-2011-2642, which has been fixed in version 2.11.8.1-5+lenny9.

Platform:
Debian 6.0
Product:
phpymadmin
Reference:
DSA-2286-1
CVE-2011-2505
CVE-2011-2506
CVE-2011-2507
CVE-2011-2508
CVE-2011-2642
CVE    5
CVE-2011-2508
CVE-2011-2507
CVE-2011-2506
CVE-2011-2505
...
CPE    2
cpe:/a:phpymadmin:phpymadmin
cpe:/o:debian:debian_linux:6.0

© SecPod Technologies