NVD

Id
39075  
Name
CVE-2013-3238  
Description
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /ex00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.  
Reject
 
CVSS Version
2  
CVSS Score
6  
Severity
Medium  
CVSS Base Score
6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-04-25  
Modified Date
2013-11-18  
Seq
2013-3238  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
200035 39075 CVE-2013-3238 20130424 [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin  View
200036 39075 CVE-2013-3238 FEDORA-2013-7000  View
200037 39075 CVE-2013-3238 FEDORA-2013-6977  View
200038 39075 CVE-2013-3238 FEDORA-2013-6928  View
200039 39075 CVE-2013-3238 openSUSE-SU-2013:1065  View
200040 39075 CVE-2013-3238 25136  View
200041 39075 CVE-2013-3238 MDVSA-2013:160  View
200042 39075 CVE-2013-3238 http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php  View
200043 39075 CVE-2013-3238 https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549  View
200044 39075 CVE-2013-3238 https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66  View
200045 39075 CVE-2013-3238 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20915 JVNDB-2013-002490 phpMyAdmin における任意のコードを実行される脆弱性 phpMyAdmin は、置換テーブルプレフィックス (Replace table prefix) 機能を使用する際、preg_replace 関数を呼び出す前に適切な処理を行わないため、任意のコードを実行される脆弱性が存在します。 CVE-2013-3238 63180 CVE-2013-3238 39075 6 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002490.html 2013-04-24 2013-11-25 View