Wind River Support Network

HomeDefectsLIN6-4420
Fixed

LIN6-4420 : Security Advisory - phpMyAdmin - CVE-2011-2719

Created: Dec 27, 2011    Updated: Dec 3, 2018
Resolved Date: Jan 14, 2014
Previous ID: LIN4-8924
Found In Version: 6.0
Fix Version: 6.0.0.2
Severity: Severe
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2719

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online