Wind River Support Network

HomeDefectsLIN9-2770
Fixed

LIN9-2770 : Security Advisory - phpmyadmin - CVE-2016-6631

Created: Dec 15, 2016    Updated: May 29, 2018
Resolved Date: Apr 10, 2018
Found In Version: unknown
Fix Version: 9.0.0.4
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6631

Other Downloads


CVEs


Live chat
Online