Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
78 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip=""> | ||
|
||
<py:def function="announcement_id"> | ||
PMASA-2012-4 | ||
</py:def> | ||
|
||
<py:def function="announcement_date"> | ||
2012-08-xx | ||
</py:def> | ||
|
||
<!--! Optional section, use only if something has been changed | ||
<py:def function="announcement_updated"> | ||
2012-??-?? | ||
</py:def> | ||
--> | ||
|
||
<py:def function="announcement_summary"> | ||
Multiple XSS in Table operations, Database structure, Trigger and Visualize | ||
GIS data pages. | ||
</py:def> | ||
|
||
<py:def function="announcement_description"> | ||
Using a crafted table name, it was possible to produce a XSS : | ||
1) On the Database Structure page, creating a new table with a crafted name | ||
2) On the Database Structure page, using the Empty and Drop links of the crafted table name | ||
3) On the Table Operations page of a crafted table, using the 'Empty the table (TRUNCATE)' and 'Delete the table (DROP)' links | ||
4) On the Triggers page of a database containing tables with a crafted name, when opening the 'Add Trigger' popup | ||
5) When creating a trigger for a table with a crafted name, with an invalid definition. | ||
Having crafted data in a database table, it was possible to produce a XSS : | ||
6) When visualizing GIS data, having a crafted label name. | ||
</py:def> | ||
|
||
<py:def function="announcement_severity"> | ||
We consider these vulnerabilities to be non critical. | ||
</py:def> | ||
|
||
<py:def function="announcement_mitigation"> | ||
These XSS can only be triggered when a table with a crafted name is already present, or if crafted data is already stored in a database table. | ||
</py:def> | ||
|
||
<py:def function="announcement_affected"> | ||
Versions 3.4.x are affected, for issues #1 and #2. | ||
Versions 3.5.x are affected, for all issues. | ||
</py:def> | ||
|
||
<!--! Optional section | ||
<py:def function="announcement_unaffected"> | ||
</py:def> | ||
--> | ||
|
||
<py:def function="announcement_solution"> | ||
Upgrade to phpMyAdmin 3.4.11.1 or 3.5.2.2 or newer or apply the patches | ||
listed below. | ||
</py:def> | ||
|
||
<py:def function="announcement_references"> | ||
Thanks to Emanuel Bronshtein for reporting issues #2, #3 and #4. | ||
</py:def> | ||
|
||
<py:def function="announcement_cve">CVE-2012-4345</py:def> | ||
|
||
<py:def function="announcement_cwe">661 79</py:def> | ||
|
||
<py:def function="announcement_commits"> | ||
50d1a4884306ae6705f0bb665ba71da24089b6fe | ||
ee306681d0d5ac09b6fc62a7d573020af083e856 | ||
dca22c5046aa16899042592b40a0af7b5c4f1fc7 | ||
1aec25f5f2163029da51da39a1d13dcb20fb00ea | ||
d56335691cf1c1d8be3453904a885038da0a8c93 | ||
</py:def> | ||
|
||
<py:def function="announcement_commits_3_4"> | ||
d84b98d34012cc5986fe84f1871b0396990391ef | ||
e094f34bed5ef3fd9a4a3cd08e01ff59a260c730 | ||
</py:def> | ||
|
||
<xi:include href="_page.tpl" /> | ||
</html> |