Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities were discovered and corrected in phpmyadmin:
When the files README, ChangeLog or LICENSE have been removed from their original place (possibly by the distributor), the scripts used to display these files can show their full path, leading to possible further attacks (CVE-2011-0986).
It was possible to create a bookmark which would be executed unintentionally by other users (CVE-2011-0987).
The updated packages have been upgraded to the latest versions to mitigate these issues.
Affected
phpmyadmin on Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64
Severity
Classification
-
CVE CVE-2011-0986, CVE-2011-0987 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities