CVE-2016-9864

2016-12-1103:00:00

Alpine Linux Development Team

security.alpinelinux.org

0.003 Low

EPSS

Percentile

70.7%

JSON

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.10-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.11-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.12-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.13-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.14-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.15-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.16-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.17-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN
Alpine3.18-communitynoarchphpmyadmin< 4.6.5.2-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.10-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.11-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.12-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.13-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.14-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.15-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.16-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.17-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN
Alpine	3.18-community	noarch	phpmyadmin	< 4.6.5.2-r0	UNKNOWN

Rows per page:

1-10 of 181

0.003 Low

EPSS

Percentile

70.7%

JSON

Related for ALPINE:CVE-2016-9864