phpMyAdmin 4.0.x < 4.0.10.13 / 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-1 - PMASA-2016-5)

Versions of phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 are unpatched for the following vulnerabilities :

• A security bypass vulnerability exists due to the use of the ‘Math.random()’ JavaScript function which does not provide cryptographically secure random numbers. A remote attacker can exploit this to guess passwords via a brute-force attack. (CVE-2016-1927)
• An information disclosure vulnerability exists in multiple scripts that allows a remote attacker, via a specially crafted request, to disclose the software’s installation path. (CVE-2016-2038)
• A security bypass vulnerability exists due to generating XSRF tokens with cryptographically insecure values. A remote attacker can exploit this to bypass intended access restrictions by predicting a value. (CVE-2016-2039)
• Multiple cross-site scripting vulnerabilities exist due to improper validation of user-supplied input to the home, database search, and zoom search pages. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2016-2040)
• A security bypass vulnerability exists due to a failure to use a constant-time algorithm for comparing XSRF tokens. A remote attacker can exploit this, via a timing attack, to bypass intended access restrictions. (CVE-2016-2041)