Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7252

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-7252
Last Modified 28 Jan 2011 12:00:00
Published 19 Jan 2010 11:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7252

Summary

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.

Vulnerable Systems

Application

  • Phpmyadmin 2.11.0

  • Phpmyadmin 2.11.0.0

  • Phpmyadmin 2.11.0beta1

  • Phpmyadmin 2.11.0rc1

  • Phpmyadmin 2.11.1

  • Phpmyadmin 2.11.1.0

  • Phpmyadmin 2.11.1.1

  • Phpmyadmin 2.11.1.2

  • Phpmyadmin 2.11.1rc1

  • Phpmyadmin 2.11.2

  • Phpmyadmin 2.11.2.0

  • Phpmyadmin 2.11.2.1

  • Phpmyadmin 2.11.2.2

  • Phpmyadmin 2.11.3

  • Phpmyadmin 2.11.3.0

  • Phpmyadmin 2.11.3rc1

  • Phpmyadmin 2.11.4

  • Phpmyadmin 2.11.4.0

  • Phpmyadmin 2.11.4rc1

  • Phpmyadmin 2.11.5

  • Phpmyadmin 2.11.5.0

  • Phpmyadmin 2.11.5.1

  • Phpmyadmin 2.11.5.2

  • Phpmyadmin 2.11.5rc1

  • Phpmyadmin 2.11.6

  • Phpmyadmin 2.11.6.0

  • Phpmyadmin 2.11.6rc1

  • Phpmyadmin 2.11.7

  • Phpmyadmin 2.11.7.0

  • Phpmyadmin 2.11.8

  • Phpmyadmin 2.11.9

  • Phpmyadmin 2.11.9.0

  • Phpmyadmin 2.11.9.1

  • Phpmyadmin 2.11.9.2

  • Phpmyadmin 2.11.9.3

  • Phpmyadmin 2.11.9.4

  • Phpmyadmin 2.11.9.5

  • Phpmyadmin 2.11.9.6


References

BID - 37826

VUPEN - ADV-2010-0910

CONFIRM - http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php

DEBIAN - DSA-2034

SECUNIA - 39503

SECUNIA - 38211

CONFIRM - http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528

CONFIRM - http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528

SUSE - SUSE-SR:2010:001


Last Updated: 27 May 2016 10:49:31