MDVSA-2010:186
- Package name
- phpmyadmin
- Date
- 2010-09-21
- Advisory ID
- MDVSA-2010:186
- Affected versions
- MES5 i586 , MES5 x86_64
Problem description
A vulnerability has been found and corrected in phpmyadmin:
Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php
in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote
attackers to inject arbitrary web script or HTML via a server name
(CVE-2010-3263).
This upgrade provides phpmyadmin 3.3.7 which is not vulnerable for
this security issue.
Updated packages
MES5 i586
6ec7899c8e4d029bd1a13bef9c84ebf3 mes5/i586/phpmyadmin-3.3.7-0.1mdvmes5.1.noarch.rpm 90b8d6eca124eb2833509936b4f634ba mes5/SRPMS/phpmyadmin-3.3.7-0.1mdvmes5.1.src.rpm
MES5 x86_64
cfd93b71cfafac8d586a824f74ff180e mes5/x86_64/phpmyadmin-3.3.7-0.1mdvmes5.1.noarch.rpm 90b8d6eca124eb2833509936b4f634ba mes5/SRPMS/phpmyadmin-3.3.7-0.1mdvmes5.1.src.rpm