CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
83.7%
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
phpmyadmin | phpmyadmin | 2.11.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.0.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0.0:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.0beta1 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0beta1:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.0rc1 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0rc1:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.1 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.1 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.1.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:* |
phpmyadmin | phpmyadmin | 2.11.1.1 | cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536
phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
secunia.com/advisories/38211
secunia.com/advisories/39503
www.debian.org/security/2010/dsa-2034
www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
www.securityfocus.com/bid/37826
www.vupen.com/english/advisories/2010/0910