Lucene search

K

PRIOn knowledge basePRION:CVE-2011-2508

HistoryJul 14, 2011 - 11:55 p.m.

Directory traversal

2011-07-1423:55:00

PRIOn knowledge base

www.prio-n.com

1

7 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.22 Low

EPSS

Percentile

96.3%

Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a … (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.

CPENameOperatorVersion
phpmyadmineq3.0.1.1
phpmyadmineq3.2.1
phpmyadmineq3.3.10.0
phpmyadmineq3.1.4
phpmyadmineq3.1.3
phpmyadmineq3.3.8.1
phpmyadmineq3.2.0
phpmyadmineq3.3.10.1
phpmyadmineq3.2.1 rc1
phpmyadmineq3.1.2

Rows per page:

1-10 of 481

References

ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html

phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7

secunia.com/advisories/45139

secunia.com/advisories/45292

secunia.com/advisories/45315

securityreason.com/securityalert/8306

typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/

www.debian.org/security/2011/dsa-2286

www.mandriva.com/security/advisories?name=MDVSA-2011:124

www.openwall.com/lists/oss-security/2011/06/28/2

www.openwall.com/lists/oss-security/2011/06/28/6

www.openwall.com/lists/oss-security/2011/06/28/8

www.openwall.com/lists/oss-security/2011/06/29/11

www.osvdb.org/73614

www.securityfocus.com/archive/1/518804/100/0/threaded

www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt

lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html

www.phpmyadmin.net/home_page/security/PMASA-2011-8.php

7 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.22 Low

EPSS

Percentile

96.3%

Related for PRION:CVE-2011-2508

phpmyadmin1 debiancve1 ubuntucve1 cve1 nessus5 securityvulns3 openvas10 seebug2 freebsd1 packetstorm1 osv1 debian1 gentoo1