Lucene search
MitreCVELIST:CVE-2016-2041HistoryFeb 20, 2016 - 1:00 a.m.
CVE-2016-2041
2016-02-2001:00:00
mitre
www.cve.org
5
libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.
References
lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
www.debian.org/security/2016/dsa-3627
www.phpmyadmin.net/home_page/security/PMASA-2016-5.php
github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49
Related
nessus
nessus
FreeBSD : phpmyadmin -- Unsafe comparison of XSRF/CSRF token (71b24d99-c60b-11e5-bf36-6805ca0b3d42)
2016-01-29 00:00:00
Debian DLA-406-1 : phpmyadmin security update
2016-02-01 00:00:00
freebsd
freebsd
phpmyadmin -- Unsafe comparison of XSRF/CSRF token
2016-01-28 00:00:00
debiancve
debiancve
CVE-2016-2041
2016-02-20 01:59:04
ubuntucve
ubuntucve
CVE-2016-2041
2016-02-20 00:00:00
nvd
nvd
CVE-2016-2041
2016-02-20 01:59:04
github
github
phpMyAdmin Unsafe comparison of XSRF/CSRF token
2022-05-14 02:08:30
prion
prion
Cross site request forgery (csrf)
2016-02-20 01:59:00
phpmyadmin
phpmyadmin
Unsafe comparison of XSRF/CSRF token.
2016-01-24 00:00:00
cve
cve
CVE-2016-2041
2016-02-20 01:59:04
osv
osv
phpMyAdmin Unsafe comparison of XSRF/CSRF token
2022-05-14 02:08:30
phpmyadmin - security update
2016-01-30 00:00:00
phpmyadmin - regression update
2016-05-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-406-1)
2023-03-08 00:00:00
phpMyAdmin Multiple Vulnerabilities -01 (Feb 2016)
2016-02-23 00:00:00
Mageia: Security Advisory (MGASA-2016-0051)
2016-02-08 00:00:00
debian
debian
[SECURITY] [DLA 406-1] phpmyadmin security update
2016-01-30 22:52:45
[SECURITY] [DLA 481-2] phpmyadmin regression update
2016-05-30 18:36:20
[SECURITY] [DLA 481-1] phpmyadmin security update
2016-05-18 18:57:16
mageia
mageia
Updated phpmyadmin/phpseclib packages fix security vulnerability
2016-02-05 20:26:09
typo3
typo3
Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
2016-03-10 00:00:00
f5
f5
SOL93445609 - phpMyAdmin vulnerabilities
2016-02-29 00:00:00
K93445609 : phpMyAdmin vulnerabilities
2016-02-29 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: phpMyAdmin-4.5.4-1.fc22
2016-02-01 06:34:04
[SECURITY] Fedora 23 Update: phpMyAdmin-4.5.4.1-1.fc23
2016-02-03 20:52:02