Lucene search

K
mageiaGentoo FoundationMGASA-2014-0402
HistoryOct 07, 2014 - 1:22 p.m.

Updated phpmyadmin package fixes security vulnerability

2014-10-0713:22:51
Gentoo Foundation
advisories.mageia.org
10

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.5%

In phpMyAdmin before 4.1.14.4, with a crafted ENUM value it is possible to trigger an XSS in table search and table structure pages (CVE-2014-7217).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchphpmyadmin< 4.1.14.5-1phpmyadmin-4.1.14.5-1.mga3
Mageia4noarchphpmyadmin< 4.1.14.5-1phpmyadmin-4.1.14.5-1.mga4

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.5%

Related for MGASA-2014-0402