CVE-2017-1000016

Опубликовано: 17 июл. 2017

Источник: debian

Описание

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:4.6.6-1		package

Примечания

https://www.phpmyadmin.net/security/PMASA-2017-5
https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f9ecaab86c488d106b1588d7683a6d53ef

Связанные уязвимости

CVE-2017-1000016

CVSS3: 7.5

ubuntu

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

CVE-2017-1000016

CVSS3: 7.5

nvd

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

GHSA-j2cq-h6v2-f875

CVSS3: 7.5

github

около 3 лет назад

phpMyAdmin Cookie attribute injection attack