CVE

Id
11750  
CVE No.
CVE-2005-0544  
Status
Candidate  
Description
phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.  
Phase
Assigned (20050224)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
84163 11750 CVE-2005-0544 SECUNIA:14382  View
84164 11750 CVE-2005-0544 URL:http://secunia.com/advisories/14382  View
84165 11750 CVE-2005-0544 CONFIRM:http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408  View
84166 11750 CVE-2005-0544 GENTOO:GLSA-200503-07  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61939 JVNDB-2005-000141 Cyrus-imapd における複数のバッファオーバーフローの脆弱性 Cyrus-imapd には、(1) imapd の ANNOTATE 拡張に不備が存在するため、一つずれ (off-by-one) によるオーバーフローが発生する脆弱性、 (2) imapd の ANNOTATE 拡張に不備が存在するため、一つずれ (off-by-one) によるオーバーフローが発生する等の複数の脆弱性が存在します。 CVE-2005-0546 11750 7.5 http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000141.html  View