PublicDate: 2007-11-23 20:46:00 UTC
Candidate: CVE-2007-6100
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6100
Description:
 Cross-site scripting (XSS) vulnerability in
 libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when
 logins are authenticated with the cookie auth_type, allows remote attackers
 to inject arbitrary web script or HTML via the convcharset parameter to
 index.php, a different vulnerability than CVE-2005-0992.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.edge.launchpad.net/ubuntu/+source/phpmyadmin/+bug/162599
Priority: low
Discovered-by:
Assigned-to: fujitsu
CVSS: 
upstream_phpmyadmin: released (2.11.2.2)
dapper_phpmyadmin: ignored (reached end-of-life)
edgy_phpmyadmin: needed (reached end-of-life)
feisty_phpmyadmin: released (4:2.9.1.1-2ubuntu1.1)
gutsy_phpmyadmin: released (4:2.10.3-1ubuntu0.1)
hardy_phpmyadmin: not-affected (released 4:2.11.2.2-1)
intrepid_phpmyadmin: not-affected (released 4:2.11.2.2-1)
jaunty_phpmyadmin: not-affected (released 4:2.11.2.2-1)
karmic_phpmyadmin: not-affected (released 4:2.11.2.2-1)
devel_phpmyadmin: not-affected (released 4:2.11.2.2-1)