PublicDate: 2005-10-23 21:02:00 UTC
Candidate: CVE-2005-3300
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3300
Description:
 The register_globals emulation layer in grab_globals.php for phpMyAdmin
 before 2.6.4-pl3 does not perform safety checks on values in the _FILES
 array for uploaded files, which allows remote attackers to include
 arbitrary files by using direct requests to library scripts that do not use
 grab_globals.php, then modifying certain configuration values for the
 theme.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_phpmyadmin: released (2.8.0.3-1)
edgy_phpmyadmin: released (2.8.0.3-1)
feisty_phpmyadmin: released (2.8.0.3-1)
devel_phpmyadmin: released (2.8.0.3-1)
upstream_phpmyadmin: needs-triage