phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities were found in phpMyAdmin, the most severe of which allows the execution of arbitrary PHP code. phpMyAdmin 2012-01-04 2012-01-04 302745 335490 336462 354227 373951 376369 387413 389427 395715 remote 3.4.9 3.4.9

phpMyAdmin is a web-based management tool for MySQL databases.

Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers and phpMyAdmin Security Advisories referenced below for details.

Remote attackers might be able to insert and execute PHP code, include and execute local PHP files, or perform Cross-Site Scripting (XSS) attacks via various vectors.

There is no known workaround at this time.

All phpMyAdmin users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-3.4.9"
CVE-2008-7251 CVE-2008-7252 CVE-2010-2958 CVE-2010-3055 CVE-2010-3056 CVE-2010-3263 CVE-2011-0986 CVE-2011-0987 CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508 CVE-2011-2642 CVE-2011-2643 CVE-2011-2718 CVE-2011-2719 CVE-2011-3646 CVE-2011-4064 CVE-2011-4107 CVE-2011-4634 CVE-2011-4780 CVE-2011-4782 PMASA-2010-1 PMASA-2010-2 PMASA-2010-4 PMASA-2010-5 PMASA-2010-6 PMASA-2010-7 PMASA-2011-1 PMASA-2011-10 PMASA-2011-11 PMASA-2011-12 PMASA-2011-15 PMASA-2011-16 PMASA-2011-17 PMASA-2011-18 PMASA-2011-19 PMASA-2011-2 PMASA-2011-20 PMASA-2011-5 PMASA-2011-6 PMASA-2011-7 PMASA-2011-8 PMASA-2011-9 underling underling