Detections
Analytics

CVE-2008-7251

critical

Description

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.

References

http://www.vupen.com/english/advisories/2010/0910

http://www.securityfocus.com/bid/37826

http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php

http://www.debian.org/security/2010/dsa-2034

http://secunia.com/advisories/39503

http://secunia.com/advisories/38211

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html

Details

Source: Mitre, NVD

Published: 2010-01-19

Updated: 2010-05-06

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical