Candidate: CVE-2015-3902
PublicDate: 2015-05-26 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
Description:
 Multiple cross-site request forgery (CSRF) vulnerabilities in the setup
 process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x
 before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack
 the authentication of administrators for requests that modify the
 configuration file.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_phpmyadmin:
upstream_phpmyadmin: needs-triage
precise_phpmyadmin: ignored (reached end-of-life)
precise/esm_phpmyadmin: DNE (precise was needed)
trusty_phpmyadmin: ignored (out of standard support)
trusty/esm_phpmyadmin: needed
utopic_phpmyadmin: ignored (reached end-of-life)
vivid_phpmyadmin: released (4:4.2.12-2+deb8u1build0.15.04.1)
vivid/stable-phone-overlay_phpmyadmin: DNE
vivid/ubuntu-core_phpmyadmin: DNE
wily_phpmyadmin: not-affected (4:4.4.6.1-1)
xenial_phpmyadmin: not-affected (4:4.4.6.1-1)
yakkety_phpmyadmin: not-affected (4:4.4.6.1-1)
zesty_phpmyadmin: not-affected (4:4.4.6.1-1)
artful_phpmyadmin: not-affected (4:4.4.6.1-1)
bionic_phpmyadmin: not-affected (4:4.4.6.1-1)
cosmic_phpmyadmin: not-affected (4:4.4.6.1-1)
disco_phpmyadmin: not-affected (4:4.4.6.1-1)
eoan_phpmyadmin: DNE
focal_phpmyadmin: not-affected (4:4.4.6.1-1)
groovy_phpmyadmin: not-affected (4:4.4.6.1-1)
hirsute_phpmyadmin: not-affected (4:4.4.6.1-1)
impish_phpmyadmin: not-affected (4:4.4.6.1-1)
jammy_phpmyadmin: not-affected (4:4.4.6.1-1)
devel_phpmyadmin: not-affected (4:4.4.6.1-1)