Lucene search
MitreCVELIST:CVE-2009-4605HistoryJan 19, 2010 - 4:00 p.m.
CVE-2009-4605
2010-01-1916:00:00
mitre
www.cve.org
9
scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
References
lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/scripts/setup.php?r1=13149&r2=13148&pathrev=13149
phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
secunia.com/advisories/38211
secunia.com/advisories/39503
www.debian.org/security/2010/dsa-2034
www.phpmyadmin.net/home_page/security/PMASA-2010-3.php
www.vupen.com/english/advisories/2010/0910
Related
nessus
nessus
phpMyAdmin < 2.11.10 Multiple Vulnerabilities
2010-01-20 00:00:00
openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)
2010-01-18 00:00:00
prion
prion
Cross site request forgery (csrf)
2010-01-19 16:30:00
seebug
seebug
phpMyAdmin unserialize()θ°η¨θ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2010-01-21 00:00:00
debiancve
debiancve
CVE-2009-4605
2010-01-19 16:30:00
cve
cve
CVE-2009-4605
2010-01-19 16:30:00
ubuntucve
ubuntucve
CVE-2009-4605
2010-01-19 00:00:00
phpmyadmin
phpmyadmin
Unsafe usage of unserialize function.
2010-01-15 00:00:00
openvas
openvas
phpMyAdmin 'unserialize()' RCE Vulnerability
2010-04-20 00:00:00
Debian Security Advisory DSA 2034-1 (phpmyadmin)
2010-05-04 00:00:00
Debian: Security Advisory (DSA-2034-1)
2010-05-04 00:00:00
nvd
nvd
CVE-2009-4605
2010-01-19 16:30:00
osv
osv
phpmyadmin - several vulnerabilities
2010-04-17 00:00:00
debian
debian
[SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
2010-04-17 12:35:52