Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-4605HistoryJan 19, 2010 - 4:30 p.m.
CVE-2009-4605
2010-01-1916:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.008
Percentile
81.4%
scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | phpmyadmin | <Β 4:3.2.4-1 | phpmyadmin_4:3.2.4-1_all.deb |
| Debian | 11 | all | phpmyadmin | <Β 4:3.2.4-1 | phpmyadmin_4:3.2.4-1_all.deb |
| Debian | 999 | all | phpmyadmin | <Β 4:3.2.4-1 | phpmyadmin_4:3.2.4-1_all.deb |
| Debian | 13 | all | phpmyadmin | <Β 4:3.2.4-1 | phpmyadmin_4:3.2.4-1_all.deb |
Related
nessus
nessus
phpMyAdmin < 2.11.10 Multiple Vulnerabilities
2010-01-20 00:00:00
openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)
2010-01-18 00:00:00
prion
prion
Cross site request forgery (csrf)
2010-01-19 16:30:00
seebug
seebug
phpMyAdmin unserialize()θ°η¨θ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2010-01-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-4605
2010-01-19 00:00:00
cvelist
cvelist
CVE-2009-4605
2010-01-19 16:00:00
cve
cve
CVE-2009-4605
2010-01-19 16:30:00
phpmyadmin
phpmyadmin
Unsafe usage of unserialize function.
2010-01-15 00:00:00
openvas
openvas
phpMyAdmin 'unserialize()' RCE Vulnerability
2010-04-20 00:00:00
Debian Security Advisory DSA 2034-1 (phpmyadmin)
2010-05-04 00:00:00
Debian: Security Advisory (DSA-2034-1)
2010-05-04 00:00:00
nvd
nvd
CVE-2009-4605
2010-01-19 16:30:00
osv
osv
phpmyadmin - several vulnerabilities
2010-04-17 00:00:00
debian
debian
[SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
2010-04-17 12:35:52
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.008
Percentile
81.4%
Related for DEBIANCVE:CVE-2009-4605