remote code execution in phpMyAdmin

ID SUSE-SA:2005:066
Type suse
Reporter Suse
Modified 2005-11-18T13:36:23


The MySQL configuration frontend phpMyAdmin was updated to fix the following security problems which can be remotely exploited: - Multiple cross-site scripting (XSS) bugs (CVE-2005-3301, CVE-2005-2869, PMASA-2005-5). - Multiple file inclusion vulnerabilities that allowed an attacker to include arbitrary files (CVE-2005-3300, CVE-2005-3301, PMASA-2005-5).


There is no known workaround, please install the update packages.