Red Hat Bugzilla – Bug 849008
CVE-2012-4345 CVE-2012-4579 phpMyAdmin: Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages (PMASA-2012-4)
Last modified: 2016-03-04 07:24:37 EST
Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages.
Using a crafted table name, it was possible to produce a XSS : 1) On the Database Structure page, creating a new table with a crafted name 2) On the Database Structure page, using the Empty and Drop links of the crafted table name 3) On the Table Operations page of a crafted table, using the 'Empty the table (TRUNCATE)' and 'Delete the table (DROP)' links 4) On the Triggers page of a database containing tables with a crafted name, when opening the 'Add Trigger' popup 5) When creating a trigger for a table with a crafted name, with an invalid definition. Having crafted data in a database table, it was possible to produce a XSS : 6) When visualizing GIS data, having a crafted label name.
We consider these vulnerabilities to be non critical.
These XSS can only be triggered when a table with a crafted name is already present, or if crafted data is already stored in a database table.
Versions 3.4.x are affected, for issues #1 and #2. Versions 3.5.x are affected, for all issues.
Upgrade to phpMyAdmin 126.96.36.199 or 188.8.131.52 or newer or apply the patches listed below.
Another CVE was assigned to these:
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-4579 to
the following vulnerability:
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin
3.5.x before 184.108.40.206 allow remote authenticated users to inject
arbitrary web script or HTML via a Table Operations (1) TRUNCATE or
(2) DROP link for a crafted table name, (3) the Add Trigger popup
within a Triggers page that references crafted table names, (4) an
invalid trigger-creation attempt for a crafted table name, (5) crafted
data in a table, or (6) a crafted tooltip label name during GIS data
visualization, a different issue than CVE-2012-4345.
Created phpMyAdmin tracking bugs for this issue
Affects: fedora-all [bug 850620]
Affects: epel-6 [bug 850621]
Created phpMyAdmin3 tracking bugs for this issue
Affects: epel-5 [bug 850622]