2017-10-16 12:31:07 -04:00
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2016-2039" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
2018-04-05 09:33:01 -04:00
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "DSA-3627" ,
"refsource" : "DEBIAN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.debian.org/security/2016/dsa-3627"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "FEDORA-2016-e1fe01e96e" ,
"refsource" : "FEDORA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "FEDORA-2016-e55278763e" ,
"refsource" : "FEDORA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "openSUSE-SU-2016:0357" ,
"refsource" : "SUSE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "openSUSE-SU-2016:0378" ,
"refsource" : "SUSE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html"
}
]
}
}
