Описание
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44050
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01239.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01316.html
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
- http://secunia.com/advisories/31263
- http://secunia.com/advisories/31312
- http://secunia.com/advisories/32834
- http://www.debian.org/security/2008/dsa-1641
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:202
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6
- http://www.securityfocus.com/bid/30420
- http://www.vupen.com/english/advisories/2008/2226/references
- http://yehg.net/lab/pr0js/advisories/Cross-Site_Framing_inphpMyAdmin2.11.7.pdf
Связанные уязвимости
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from ...