Lucene search

MitreCVE-2013-5029

HistoryAug 19, 2013 - 11:55 p.m.

CVE-2013-5029

2013-08-1923:55:09

CWE-20

mitre

web.nvd.nist.gov

cve

2013

5029

phpmyadmin

clickjacking

header.class.php

security

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.008

Percentile

82.1%

JSON

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.

Affected configurations

Nvd

Node

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

Node

phpmyadminphpmyadminMatch3.5.0.0

phpmyadminphpmyadminMatch3.5.1.0

phpmyadminphpmyadminMatch3.5.2.0

phpmyadminphpmyadminMatch3.5.2.1

phpmyadminphpmyadminMatch3.5.2.2

phpmyadminphpmyadminMatch3.5.3.0

phpmyadminphpmyadminMatch3.5.4

phpmyadminphpmyadminMatch3.5.5

phpmyadminphpmyadminMatch3.5.6

phpmyadminphpmyadminMatch3.5.7

phpmyadminphpmyadminMatch3.5.7rc1

phpmyadminphpmyadminMatch3.5.8

phpmyadminphpmyadminMatch3.5.8rc1

phpmyadminphpmyadminMatch3.5.8.1

phpmyadminphpmyadminMatch3.5.8.2

phpmyadminphpmyadminMatch4.0.0

phpmyadminphpmyadminMatch4.0.0rc2

phpmyadminphpmyadminMatch4.0.0rc3

phpmyadminphpmyadminMatch4.0.1

phpmyadminphpmyadminMatch4.0.2

phpmyadminphpmyadminMatch4.0.3

phpmyadminphpmyadminMatch4.0.4

phpmyadminphpmyadminMatch4.0.4.1

phpmyadminphpmyadminMatch4.0.4.2

VendorProductVersionCPE
opensuseopensuse12.2cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
opensuseopensuse12.3cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.0.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.1.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.1cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.2cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.3.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.4cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.5cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
opensuse	opensuse	12.2	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
opensuse	opensuse	12.3	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
phpmyadmin	phpmyadmin	3.5.0.0	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:::::::*
phpmyadmin	phpmyadmin	3.5.1.0	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:::::::*
phpmyadmin	phpmyadmin	3.5.2.0	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:::::::*
phpmyadmin	phpmyadmin	3.5.2.1	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:::::::*
phpmyadmin	phpmyadmin	3.5.2.2	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:::::::*
phpmyadmin	phpmyadmin	3.5.3.0	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:::::::*
phpmyadmin	phpmyadmin	3.5.4	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:::::::*
phpmyadmin	phpmyadmin	3.5.5	cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:::::::*