UBUNTU-CVE-2016-6609
- Source
- https://ubuntu.com/security/CVE-2016-6609
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-6609.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2016-6609
- Related
- Published
- 2016-12-11T02:59:00Z
- Modified
- 2016-12-11T02:59:00Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:deb/ubuntu/phpmyadmin?arch=src?distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4:4.0.10-1ubuntu0.1+esm3
Ubuntu:Pro:16.04:LTS / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:deb/ubuntu/phpmyadmin?arch=src?distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4:4.5.4.1-2ubuntu2.1+esm5