CVE-2013-5000

2013-07-3113:20:00

Debian Security Bug Tracker

security-tracker.debian.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.8%

JSON

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

OSVersionArchitecturePackageVersionFilename
Debian12allphpmyadmin< 4:4.0.4.2-1phpmyadmin_4:4.0.4.2-1_all.deb
Debian11allphpmyadmin< 4:4.0.4.2-1phpmyadmin_4:4.0.4.2-1_all.deb
Debian999allphpmyadmin< 4:4.0.4.2-1phpmyadmin_4:4.0.4.2-1_all.deb
Debian13allphpmyadmin< 4:4.0.4.2-1phpmyadmin_4:4.0.4.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	phpmyadmin	< 4:4.0.4.2-1	phpmyadmin_4:4.0.4.2-1_all.deb
Debian	11	all	phpmyadmin	< 4:4.0.4.2-1	phpmyadmin_4:4.0.4.2-1_all.deb
Debian	999	all	phpmyadmin	< 4:4.0.4.2-1	phpmyadmin_4:4.0.4.2-1_all.deb
Debian	13	all	phpmyadmin	< 4:4.0.4.2-1	phpmyadmin_4:4.0.4.2-1_all.deb