Novell Home

CVE-2008-4096

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-4096 at MITRE

Description

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.

NVD CVSS v2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 426517

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • phpMyAdmin >= 2.11.9.4-0.1

© 2014 Novell