Red Hat Bugzilla – Bug 993613
CVE-2013-5029 phpMyAdmin: ClickJacking protection can be bypassed (PMASA-2013-10)
Last modified: 2014-08-07 07:46:09 EDT
A security flaw was found in the way phpMyAdmin, a tool to handle the administration of MySQL over the World Wide Web, (previously) implemented the protection against the click-jacking attacks. A remote attacker could provide a specially-crafted web page that, when visited by an unsuspecting phpMyAdmin user might allow an attacker to perform some kind of unauthorized action.
Relevant patches [*]
This issue affects the (latest) versions of the phpMyAdmin package, as shipped with Fedora release of 18, 19, Fedora EPEL-5, and Fedora EPEL-6. Please schedule an update.
Created phpMyAdmin tracking bugs for this issue:
Affects: fedora-all [bug 993617]
Affects: epel-all [bug 993618]
phpMyAdmin-4.2.6-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.6-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-220.127.116.11-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.