fkie_cve-2015-2206
Vulnerability from fkie_nvd
Published
2015-03-09 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.
References
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/151331.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/151914.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/151931.htmlThird Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3382
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2015:186Broken Link
cve@mitre.orghttp://www.phpmyadmin.net/home_page/security/PMASA-2015-1.phpVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/72949
cve@mitre.orghttp://www.securitytracker.com/id/1031871Third Party Advisory, VDB Entry
cve@mitre.orghttps://github.com/phpmyadmin/phpmyadmin/commit/b2f1e895038a5700bf8e81fb9a5da36cbdea0eeb
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151331.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151914.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151931.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3382
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:186Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.phpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72949
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031871Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://github.com/phpmyadmin/phpmyadmin/commit/b2f1e895038a5700bf8e81fb9a5da36cbdea0eeb
Impacted products
Vendor Product Version
fedoraproject fedora 20
fedoraproject fedora 21
fedoraproject fedora 22
phpmyadmin phpmyadmin 4.0.0
phpmyadmin phpmyadmin 4.0.0
phpmyadmin phpmyadmin 4.0.0
phpmyadmin phpmyadmin 4.0.1
phpmyadmin phpmyadmin 4.0.2
phpmyadmin phpmyadmin 4.0.3
phpmyadmin phpmyadmin 4.0.4
phpmyadmin phpmyadmin 4.0.4.1
phpmyadmin phpmyadmin 4.0.4.2
phpmyadmin phpmyadmin 4.0.5
phpmyadmin phpmyadmin 4.0.6
phpmyadmin phpmyadmin 4.0.7
phpmyadmin phpmyadmin 4.0.8
phpmyadmin phpmyadmin 4.0.9
phpmyadmin phpmyadmin 4.0.10
phpmyadmin phpmyadmin 4.0.10.1
phpmyadmin phpmyadmin 4.0.10.2
phpmyadmin phpmyadmin 4.0.10.3
phpmyadmin phpmyadmin 4.0.10.4
phpmyadmin phpmyadmin 4.0.10.5
phpmyadmin phpmyadmin 4.0.10.6
phpmyadmin phpmyadmin 4.0.10.7
phpmyadmin phpmyadmin 4.0.10.8
phpmyadmin phpmyadmin 4.2.0
phpmyadmin phpmyadmin 4.2.1
phpmyadmin phpmyadmin 4.2.2
phpmyadmin phpmyadmin 4.2.3
phpmyadmin phpmyadmin 4.2.4
phpmyadmin phpmyadmin 4.2.5
phpmyadmin phpmyadmin 4.2.6
phpmyadmin phpmyadmin 4.2.7
phpmyadmin phpmyadmin 4.2.7.1
phpmyadmin phpmyadmin 4.2.8
phpmyadmin phpmyadmin 4.2.8.1
phpmyadmin phpmyadmin 4.2.9
phpmyadmin phpmyadmin 4.2.9.1
phpmyadmin phpmyadmin 4.2.10
phpmyadmin phpmyadmin 4.2.10.1
phpmyadmin phpmyadmin 4.2.11
phpmyadmin phpmyadmin 4.2.12
phpmyadmin phpmyadmin 4.2.13
phpmyadmin phpmyadmin 4.2.13.1
phpmyadmin phpmyadmin 4.3.0
phpmyadmin phpmyadmin 4.3.1
phpmyadmin phpmyadmin 4.3.2
phpmyadmin phpmyadmin 4.3.3
phpmyadmin phpmyadmin 4.3.4
phpmyadmin phpmyadmin 4.3.5
phpmyadmin phpmyadmin 4.3.6
phpmyadmin phpmyadmin 4.3.7
phpmyadmin phpmyadmin 4.3.8
phpmyadmin phpmyadmin 4.3.9
phpmyadmin phpmyadmin 4.3.10
phpmyadmin phpmyadmin 4.3.11


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
              "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F06DC95-76B1-4E24-A55F-1358A25ED0E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B406A721-0075-46C8-A920-3C9602AD667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "C8AE4653-1911-4A58-85DD-51E0578E788E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA76CB4-6167-446A-8D4F-6D5B38046334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D28655-7F37-474D-A4E2-772AF24B94E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA1951E-BD85-42BF-BF7F-79A14D165914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D08BEE8-5ACF-438D-9F06-86C6227C9A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58DD0910-DBBA-4858-B9B1-FA93D08323D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "50DA8EBE-52AA-45A5-A5FB-75AF84E415E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8D93A3-8997-4EB9-A411-74B296D1341F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5A81B2-E16F-4AE2-9691-92D3E8A25CCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0245AF2D-F856-4CAA-A830-36D43026D1E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "00BD9E52-A6BB-48BB-9FEE-D0272AD9B6DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C69E253E-157D-45BA-A977-079A49F74A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6325E2AE-BB86-4953-AA9E-0433C00B096E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C54B828-8B23-4C62-907E-8EE7E757B721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02DD18C8-172B-41CD-87DD-58BDEC0D9418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "10666E30-D98A-47A9-881A-B281066F0EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3993826B-CA66-4BC2-8E1B-06CF9230B214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "14928F51-761E-4FCA-B13C-A11530C7FC46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB761644-20F5-4E0D-B301-7809EAECA813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "896439D0-6C98-44A6-8C9D-0D57D57782D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "978B828C-1FCB-4386-B685-5BEE5A8A500C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC525D5-EA90-4F01-B1D3-64F4BFBFC4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ACC297E-A54A-4C92-9BCB-CDDA0C7E56C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA4B695-DD00-45FE-8A74-A34E9920EE23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC38B8F8-DB1C-4A7D-A15B-390754687F18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA5B74C-F0E8-46D0-AF53-A25145DA3E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6DD88B5-9F4D-4B1C-8A36-CA9727514B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8645867-C499-41C6-8AA4-B5CB0DB4BB6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EFA2AE-0CF3-47AE-9996-F3685851EA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "708FC2C9-6038-4FDF-9B41-EFBBEA23F114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B0DE12-E756-44B3-8C2F-8C9246F36BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50E07E05-60B4-4427-81B0-F44C3089E1F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "887DAFF7-7344-4A1C-9DC0-C41BA3E7C092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BF910D-87F7-4FF5-ACA0-1FCEEF4DD741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E9EFDB0-7D5A-4E6D-AAC3-A26121E2C152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C10AFF14-5C5A-4858-97A2-1208278D916E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0716B60-E8C7-40EA-8A96-9EC0D868D11A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6360AD1-B295-4123-A6AC-99B13FA12C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "29255C68-9B71-45DF-95B0-C84762B8CDD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA9A5D9E-EF89-4F0B-8DA2-B54DAB5616BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F6AA505-40A6-4767-A848-3B00EA8EDD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "347983D5-CB40-44C9-8C68-10A8417F4BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C9023A-2E9A-4DDA-84A8-D6E2A4F1019F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "564261EC-AEA3-4BDD-9E7D-56B29628D16F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2154D6EC-C492-4035-B5E6-9A5BAB2F2164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "819ECCB5-C0D7-47D0-8479-2C36734F47B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3499F9A7-3F4E-4AD3-94FB-242FD135B851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "53CFCBBC-E941-4167-A474-7C88F6C489AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE374D7A-90E3-42A1-A02A-88B03AB70605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2088A96D-C4C6-4FA9-8594-3DAA81D48443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0F02404-0D50-4222-B24D-6D5E34A6E60F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "254D4A65-99B4-4594-8929-1D0481DB170B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests."
    },
    {
      "lang": "es",
      "value": "libraries/select_lang.lib.php en phpMyAdmin 4.0.x anterior a 4.0.10.9, 4.2.x anterior a 4.2.13.2, y 4.3.x anterior a 4.3.11.1 incluye valores de lenguaje inv\u00e1lidos en respuestas de error de lenguaje desconocido que contienen un token CSRF y pueden ser enviadas con la compresi\u00f3n HTTP, lo que facilita a atacantes remotos realizar un ataque BREACH y determinar este token a trav\u00e9s de una serie de respuestas manipuladas."
    }
  ],
  "id": "CVE-2015-2206",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-09T17:59:10.283",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151331.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151914.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151931.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2015/dsa-3382"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:186"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/72949"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1031871"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/phpmyadmin/phpmyadmin/commit/b2f1e895038a5700bf8e81fb9a5da36cbdea0eeb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151331.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151914.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151931.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2015/dsa-3382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:186"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1031871"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/phpmyadmin/phpmyadmin/commit/b2f1e895038a5700bf8e81fb9a5da36cbdea0eeb"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.