Candidate: CVE-2009-1150
PublicDate: 2009-03-26 14:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in the export page
 (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x
 before 3.1.3.1 allow remote attackers to inject arbitrary web script or
 HTML via the pma_db_filename_template cookie.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_phpmyadmin:
 upstream: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/trunk/phpMyAdmin/libraries/display_export.lib.php?r1=11986&r2=12302&pathrev=12302
upstream_phpmyadmin: needs-triage
dapper_phpmyadmin: ignored (reached end-of-life)
gutsy_phpmyadmin: needed (reached end-of-life)
hardy_phpmyadmin: released (4:2.11.3-1ubuntu1.2)
intrepid_phpmyadmin: released (4:2.11.8.1-1ubuntu0.1)
jaunty_phpmyadmin: released (4:3.1.2-1ubuntu0.1)
karmic_phpmyadmin: not-affected (4:3.2.0.1-1)
devel_phpmyadmin: not-affected (4:3.2.0.1-1)