Lucene search
SuseSUSE-SA:2006:004HistoryJan 26, 2006 - 1:53 p.m.
remote code execution in phpMyAdmin
2006-01-2613:53:52
lists.opensuse.org
27
0.975 High
EPSS
Percentile
100.0%
Stefan Esser discovered a bug in in the register_globals emulation of phpMyAdmin that allowes to overwrite variables. An attacker could exploit the bug to ultimately execute code (CVE-2005-4079). Additionally several cross-site-scripting bugs were discovered (CVE-2005-3787, CVE-2005-3665). We have released a version update to phpMyAdmin-2.7.0-pl2 which addresses the issues mentioned above.
Solution
There is no known workaround, please install the update packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.0 | noarch | phpmyadmin | < 2.7.0pl2-3 | phpMyAdmin-2.7.0pl2-3.noarch.rpm |
| openSUSE | 9.1 | noarch | phpmyadmin | < 2.7.0pl2-1.2 | phpMyAdmin-2.7.0pl2-1.2.noarch.rpm |
| openSUSE | 9.2 | noarch | phpmyadmin | < 2.7.0pl2-1.2 | phpMyAdmin-2.7.0pl2-1.2.noarch.rpm |
| openSUSE | 10.0 | noarch | phpmyadmin | < 2.7.0pl2-1.2 | phpMyAdmin-2.7.0pl2-1.2.noarch.rpm |
| openSUSE | 9.3 | noarch | phpmyadmin | < 2.7.0pl2-1.2 | phpMyAdmin-2.7.0pl2-1.2.noarch.rpm |
Related
suse
suse
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in MozillaFirefox,mozilla
2006-04-20 13:13:08
information leak in mozilla,MozillaFirefox,epiphany,galeon
2005-08-11 15:28:02
osv
osv
mozilla-thunderbird - several
2005-08-23 00:00:00
mozilla-firefox - several
2006-04-26 00:00:00
mozilla-thunderbird - several vulnerabilities
2006-05-04 00:00:00
openvas
openvas
Debian Security Advisory DSA 781-1 (mozilla-thunderbird)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200605-09 (mozilla-thunderbird)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200604-18 (mozilla)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2005:601) thunderbird security update
2005-07-21 00:00:00
(RHSA-2006:0330) thunderbird security update
2006-04-21 00:00:00
(RHSA-2006:0329) mozilla security update
2006-04-18 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:078)
2006-04-26 00:00:00
Fedora Core 3 : thunderbird-1.0.6-1.1.fc3 (2005-604)
2005-07-21 00:00:00
RHEL 4 : thunderbird (RHSA-2005:601)
2005-07-22 00:00:00
debian
debian
centos
centos
thunderbird security update
2005-07-22 15:22:09
thunderbird security update
2006-04-21 17:41:34
galeon, mozilla security update
2006-04-18 23:53:59
ubuntu
ubuntu
Thunderbird vulnerabilities
2006-05-03 00:00:00
Mozilla Thunderbird vulnerabilities
2005-08-01 00:00:00
Mozilla vulnerabilities
2006-04-28 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2006-05-08 00:00:00
Mozilla Suite: Multiple vulnerabilities
2006-04-28 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-04-23 00:00:00
securityvulns
securityvulns
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-04-13 00:00:00
firefox & mozilla -- multiple vulnerabilities
2005-07-12 00:00:00
mozilla -- heap overflow in NNTP handler
2004-12-29 00:00:00
ubuntucve
ubuntucve
cve
cve
cert
cert
Mozilla crypto.generateCRMFRequest() vulnerability
2006-04-17 00:00:00
Mozilla products vulnerable to heap overflow via specially crafted GIF file
2005-03-30 00:00:00
phpmyadmin
phpmyadmin
XSS vulnerabilities
2005-11-23 00:00:00
debiancve
debiancve
CVE-2005-3787
2005-11-24 01:03:00
checkpoint_advisories
checkpoint_advisories
Mozilla NNTP URL Handling Buffer Overflow (CVE-2004-1316)
2009-11-08 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.8) — Mozilla
2006-04-13 00:00:00
GIF heap overflow parsing Netscape extension 2 — Mozilla
2005-03-22 00:00:00
saint
saint
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00