CVE-2005-3621

Properties

Published:
15.11.2005
Updated:
16.11.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
    Product:
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin
    phpmyadmin: phpmyadmin

    Vulnerability description

    CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.

    References:

    http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
    SECTRACK: http://securitytracker.com/id?1015213
    SUSE: http://www.novell.com/linux/security/advisories/2005_28_sr.html
    SECUNIA: http://secunia.com/advisories/17578