1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
PublicDate: 2008-08-04
Candidate: CVE-2008-3457
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3457
Description:
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before
2.11.8 allows user-assisted remote attackers to inject arbitrary web script
or HTML via crafted setup arguments. NOTE: this issue can only be
exploited in limited scenarios in which the attacker must be able to modify
config/config.inc.php.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/259839
Priority: negligible
Discovered-by:
Assigned-to:
Patches_phpmyadmin:
upstream: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11423
upstream_phpmyadmin: released (4:2.11.8~rc1-1)
dapper_phpmyadmin: ignored (reached end-of-life)
feisty_phpmyadmin: needed (reached end-of-life)
gutsy_phpmyadmin: needed (reached end-of-life)
hardy_phpmyadmin: released (4:2.11.3-1ubuntu1.2)
intrepid_phpmyadmin: not-affected
jaunty_phpmyadmin: not-affected
karmic_phpmyadmin: not-affected
devel_phpmyadmin: not-affected
|