Lucene search
Ubuntu.comUB:CVE-2012-5159HistorySep 25, 2012 - 12:00 a.m.
CVE-2012-5159
2012-09-2500:00:00
ubuntu.com
ubuntu.com
9
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.911
Percentile
98.9%
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an
unspecified time frame in 2012, contains an externally introduced
modification (Trojan Horse) in server_sync.php, which allows remote
attackers to execute arbitrary PHP code via an eval injection attack.
Notes
| Author | Note |
|---|---|
| seth-arnold | Only a specific version was trojaned; we don’t ship that version |
Related
cvelist
cvelist
CVE-2012-5159
2012-09-25 22:00:00
prion
prion
Design/Logic Flaw
2012-09-25 22:55:00
exploitdb
exploitdb
phpMyAdmin 3.5.2.2 - 'server_sync.php' Backdoor (Metasploit)
2012-10-10 00:00:00
metasploit
metasploit
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
2012-09-25 15:47:53
openvas
openvas
phpMyAdmin 'server_sync.php' Backdoor Vulnerability
2012-09-26 00:00:00
phpmyadmin
phpmyadmin
nvd
nvd
CVE-2012-5159
2012-09-25 22:55:00
cve
cve
CVE-2012-5159
2012-09-25 22:55:00
d2
d2
DSquare Exploit Pack: D2SEC_PMA_BACKDOOR
2012-09-25 22:55:00
seebug
seebug
phpMyAdmin 'server_sync.php'远程后门漏洞
2012-09-26 00:00:00
debiancve
debiancve
CVE-2012-5159
2012-09-25 22:55:00
nessus
nessus
phpMyAdmin server_sync.php Backdoor (PMASA-2012-5)
2012-09-26 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.911
Percentile
98.9%
Related for UB:CVE-2012-5159