Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
phpmyadminPhpMyAdminPHPMYADMIN:PMASA-2010-2
HistoryJan 15, 2010 - 12:00 a.m.

Unsafe handling of temporary files

2010-01-1500:00:00
www.phpmyadmin.net
17

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

76.7%

JSON

PMASA-2010-2

Announcement-ID: PMASA-2010-2

Date: 2010-01-15

Summary

Unsafe handling of temporary files

Description

phpMyAdmin created temporary files with predictable file name.

Severity

We consider these vulnerabilities to be not critical.

Affected Versions

For 2.11.x: versions before 2.11.10 are affected.

Unaffected Versions

3.x releases are not affected.

Solution

Upgrade to phpMyAdmin 3.0.0 or 2.11.10.

References

We wish to thank to Thijs Kinkhorst for pointing out this issue.

Assigned CVE ids: CVE-2008-7252

CWE ids: CWE-661 CWE-376

Patches

The following commits have been made to fix this issue:

The following commits have been made on the 2.11 branch to fix this issue:

More information

For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.

Related

prion 1
cvelist 1
debiancve 1
github 1
cve 1
nvd 1
ubuntucve 1
osv 2
openvas 5
seebug 1
debian 1
nessus 3
gentoo 1
prion
prion
Design/Logic Flaw
2010-01-19 16:30:00
cvelist
cvelist
CVE-2008-7252
2010-01-19 16:00:00
debiancve
debiancve
CVE-2008-7252
2010-01-19 16:30:00
github
github
phpMyAdmin unsafely handles temporary files
2022-05-17 05:44:03
cve
cve
CVE-2008-7252
2010-01-19 16:30:00
nvd
nvd
CVE-2008-7252
2010-01-19 16:30:00
ubuntucve
ubuntucve
CVE-2008-7252
2010-01-19 00:00:00
osv
osv
phpMyAdmin unsafely handles temporary files
2022-05-17 05:44:03
phpmyadmin - several vulnerabilities
2010-04-17 00:00:00
openvas
openvas
phpMyAdmin Insecure Temporary File and Directory Creation Vulnerabilities
2010-01-18 00:00:00
Debian: Security Advisory (DSA-2034-1)
2010-05-04 00:00:00
Debian Security Advisory DSA 2034-1 (phpmyadmin)
2010-05-04 00:00:00
seebug
seebug
phpMyAdminๅˆ›ๅปบไธๅฎ‰ๅ…จๆ–‡ไปถๅ’Œ็›ฎๅฝ•ๆผๆดž
2010-01-19 00:00:00
debian
debian
[SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
2010-04-17 12:35:52
nessus
nessus
openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)
2010-01-18 00:00:00
Debian DSA-2034-1 : phpmyadmin - several vulnerabilities
2010-04-19 00:00:00
GLSA-201201-01 : phpMyAdmin: Multiple vulnerabilities
2012-01-05 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

76.7%

JSON
Related for PHPMYADMIN:PMASA-2010-2
prion1cvelist1debiancve1github1cve1nvd1ubuntucve1osv2openvas5seebug1debian1nessus3gentoo1