FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- XSS and information disclosure vulnerabilities

Affected packages
4.2.0 <= phpMyAdmin < 4.2.12

Details

VuXML ID a5d4a82a-7153-11e4-88c7-6805ca0b3d42
Discovery 2014-11-20
Entry 2014-11-21

The phpMyAdmin development team reports:

These vulnerabilities can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required pages. Moreover, exploitation of the XSS vulnerability related to the font size requires forgery of the pma_fontsize cookie.

In the GIS editor feature, a parameter specifying the geometry type was not correctly validated, opening the door to a local file inclusion attack.

This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required page.

With a crafted file name it is possible to trigger an XSS in the error reporting page.

This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required page.

In the error reporting feature, a parameter specifying the file was not correctly validated, allowing the attacker to derive the line count of an arbitrary file.

This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required page.
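As an added illustration (not phpMyAdmin's own code; the file layout, class file names and the geometry allowlist are assumptions), the two validation shapes that address the GIS geometry-type parameter and the error-report file parameter described above: an exact allowlist when a request value selects which code file is loaded, and root-confined path resolution when a request value names a file to read.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist of geometry types a GIS editor would handle.
const GIS_TYPES = ['POINT', 'LINESTRING', 'POLYGON', 'MULTIPOINT',
                   'MULTILINESTRING', 'MULTIPOLYGON', 'GEOMETRYCOLLECTION'];

// Insecure shape: the raw request value becomes part of an include path,
// so traversal sequences or unexpected names reach include() unchanged.
function gisClassFileInsecure(string $type): string {
    return __DIR__ . '/libraries/gis/' . $type . '.php';
}

// Hardened shape: the value is only compared against the allowlist, and the
// path is built from the matched constant, never from the raw input.
function gisClassFileSafe(string $type): ?string {
    $key = strtoupper($type);
    if (!in_array($key, GIS_TYPES, true)) {
        return null;   // unknown type (or embedded NUL, which never matches)
    }
    return __DIR__ . '/libraries/gis/pma_gis_' . strtolower($key) . '.php';
}

// For a parameter that names a file (as in the error-report case), confine
// the resolved path to one directory. realpath() collapses "..", symlinks
// and duplicate separators before the prefix check, so the comparison is
// made on the canonical path rather than on the attacker-supplied string.
function fileWithinRoot(string $root, string $relative): ?string {
    if (strpos($relative, "\0") !== false) {
        return null;   // realpath() rejects NUL bytes; fail closed instead
    }
    $rootReal = realpath($root);
    $target   = realpath($root . DIRECTORY_SEPARATOR . $relative);
    if ($rootReal === false || $target === false) {
        return null;   // root missing or file does not exist
    }
    if (strpos($target, $rootReal . DIRECTORY_SEPARATOR) !== 0) {
        return null;   // canonical path escaped the root
    }
    return $target;
}

// Constructed sample inputs: mixed-case valid type, traversal, NUL injection.
foreach (['Polygon', '../../../../etc/passwd', "POINT\0"] as $candidate) {
    printf("%-28s => %s\n", json_encode($candidate),
           gisClassFileSafe($candidate) ?? 'rejected');
}
var_dump(fileWithinRoot(sys_get_temp_dir(), '../etc/passwd'));  // NULL
```

Only the allowlisted constant ever reaches the path in `gisClassFileSafe`, and `fileWithinRoot` returns `null` for anything whose canonical location is outside `$root`, so both parameters fail closed rather than being passed through.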

References

CVE Name CVE-2014-8958
CVE Name CVE-2014-8959
CVE Name CVE-2014-8960
CVE Name CVE-2014-8961
URL http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
URL http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
URL http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
URL http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php