10

CVE-2008-7251

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpmyadminPhpmyadmin Version2.11.0
PhpmyadminPhpmyadmin Version2.11.0 Updatebeta1
PhpmyadminPhpmyadmin Version2.11.0 Updaterc1
PhpmyadminPhpmyadmin Version2.11.0.0
PhpmyadminPhpmyadmin Version2.11.0beta1
PhpmyadminPhpmyadmin Version2.11.0rc1
PhpmyadminPhpmyadmin Version2.11.1
PhpmyadminPhpmyadmin Version2.11.1 Updaterc1
PhpmyadminPhpmyadmin Version2.11.1.0
PhpmyadminPhpmyadmin Version2.11.1.1
PhpmyadminPhpmyadmin Version2.11.1.2
PhpmyadminPhpmyadmin Version2.11.1rc1
PhpmyadminPhpmyadmin Version2.11.2
PhpmyadminPhpmyadmin Version2.11.2.0
PhpmyadminPhpmyadmin Version2.11.2.1
PhpmyadminPhpmyadmin Version2.11.2.2
PhpmyadminPhpmyadmin Version2.11.3
PhpmyadminPhpmyadmin Version2.11.3 Updaterc1
PhpmyadminPhpmyadmin Version2.11.3.0
PhpmyadminPhpmyadmin Version2.11.3rc1
PhpmyadminPhpmyadmin Version2.11.4
PhpmyadminPhpmyadmin Version2.11.4 Updaterc1
PhpmyadminPhpmyadmin Version2.11.4.0
PhpmyadminPhpmyadmin Version2.11.4rc1
PhpmyadminPhpmyadmin Version2.11.5
PhpmyadminPhpmyadmin Version2.11.5 Updaterc1
PhpmyadminPhpmyadmin Version2.11.5.0
PhpmyadminPhpmyadmin Version2.11.5.1
PhpmyadminPhpmyadmin Version2.11.5.2
PhpmyadminPhpmyadmin Version2.11.5rc1
PhpmyadminPhpmyadmin Version2.11.6
PhpmyadminPhpmyadmin Version2.11.6 Updaterc1
PhpmyadminPhpmyadmin Version2.11.6.0
PhpmyadminPhpmyadmin Version2.11.6rc1
PhpmyadminPhpmyadmin Version2.11.7
PhpmyadminPhpmyadmin Version2.11.7.0
PhpmyadminPhpmyadmin Version2.11.8
PhpmyadminPhpmyadmin Version2.11.9
PhpmyadminPhpmyadmin Version2.11.9.0
PhpmyadminPhpmyadmin Version2.11.9.1
PhpmyadminPhpmyadmin Version2.11.9.2
PhpmyadminPhpmyadmin Version2.11.9.3
PhpmyadminPhpmyadmin Version2.11.9.4
PhpmyadminPhpmyadmin Version2.11.9.5
PhpmyadminPhpmyadmin Version2.11.9.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.66% 0.837
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
http://secunia.com/advisories/38211
Vendor Advisory
http://secunia.com/advisories/39503
Vendor Advisory
http://www.debian.org/security/2010/dsa-2034
http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
Vendor Advisory
http://www.securityfocus.com/bid/37826
http://www.vupen.com/english/advisories/2010/0910
Vendor Advisory