Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 276218 - <dev-db/phpmyadmin-3.2.0.1: SQL bookmark XSS (CVE-2009-2284)
Summary: <dev-db/phpmyadmin-3.2.0.1: SQL bookmark XSS (CVE-2009-2284)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://www.phpmyadmin.net/home_page/s...
Whiteboard: ~4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-02 13:11 UTC by Alex Legler (RETIRED)
Modified: 2009-08-01 12:45 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-07-02 13:11:15 UTC
CVE-2009-2284 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2284):
  Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1
  allows remote attackers to inject arbitrary web script or HTML via a
  crafted SQL bookmark.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-01 12:45:54 UTC
+*phpmyadmin-3.2.0.1 (01 Aug 2009)
+
+  01 Aug 2009; Alex Legler <a3li@gentoo.org> -phpmyadmin-3.2.0.ebuild,
+  +phpmyadmin-3.2.0.1.ebuild:
+  Non-maintainer commit: Version bump for security bug 276218.
+  Removing vulnerable version.
+