Candidate: CVE-2009-3697
PublicDate: 2009-10-16 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697
 http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
Description:
 SQL injection vulnerability in the PDF schema generator functionality in
 phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote
 attackers to execute arbitrary SQL commands via unspecified interface
 parameters.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/450505
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_phpmyadmin:
 upstream: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13034
upstream_phpmyadmin: released (3.2.2.1)
dapper_phpmyadmin: ignored (reached end-of-life)
hardy_phpmyadmin: released (4:2.11.3-1ubuntu1.3)
intrepid_phpmyadmin: released (4:2.11.8.1-1ubuntu0.2)
jaunty_phpmyadmin: released (4:3.1.2-1ubuntu0.2)
karmic_phpmyadmin: not-affected (4:3.2.2.1-1)
devel_phpmyadmin: not-affected (4:3.2.2.1-1)