phpMyAdmin: Multiple vulnerabilities
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code.
phpMyAdmin
2012-01-04
2012-01-04
302745
335490
336462
354227
373951
376369
387413
389427
395715
remote
3.4.9
3.4.9
phpMyAdmin is a web-based management tool for MySQL databases.
Multiple vulnerabilities have been discovered in phpMyAdmin. Please
review the CVE identifiers and phpMyAdmin Security Advisories referenced
below for details.
Remote attackers might be able to insert and execute PHP code, include
and execute local PHP files, or perform Cross-Site Scripting (XSS)
attacks via various vectors.
There is no known workaround at this time.
All phpMyAdmin users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-3.4.9"
CVE-2008-7251
CVE-2008-7252
CVE-2010-2958
CVE-2010-3055
CVE-2010-3056
CVE-2010-3263
CVE-2011-0986
CVE-2011-0987
CVE-2011-2505
CVE-2011-2506
CVE-2011-2507
CVE-2011-2508
CVE-2011-2642
CVE-2011-2643
CVE-2011-2718
CVE-2011-2719
CVE-2011-3646
CVE-2011-4064
CVE-2011-4107
CVE-2011-4634
CVE-2011-4780
CVE-2011-4782
PMASA-2010-1
PMASA-2010-2
PMASA-2010-4
PMASA-2010-5
PMASA-2010-6
PMASA-2010-7
PMASA-2011-1
PMASA-2011-10
PMASA-2011-11
PMASA-2011-12
PMASA-2011-15
PMASA-2011-16
PMASA-2011-17
PMASA-2011-18
PMASA-2011-19
PMASA-2011-2
PMASA-2011-20
PMASA-2011-5
PMASA-2011-6
PMASA-2011-7
PMASA-2011-8
PMASA-2011-9
underling
underling