Candidate: CVE-2011-2505
PublicDate: 2011-07-14 23:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
Description:
 libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication
 feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns
 values to arbitrary parameters referenced in the query string, which allows
 remote attackers to modify the SESSION superglobal array via a crafted
 request, related to a "remote variable manipulation vulnerability."
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/806788
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_phpmyadmin:
upstream_phpmyadmin: released (4:3.4.3.1-1)
hardy_phpmyadmin: ignored (reached end-of-life)
lucid_phpmyadmin: ignored (reached end-of-life)
maverick_phpmyadmin: ignored (reached end-of-life)
natty_phpmyadmin: ignored (reached end-of-life)
oneiric_phpmyadmin: released (4:3.4.3.1-1)
precise_phpmyadmin: released (4:3.4.3.1-1)
quantal_phpmyadmin: released (4:3.4.3.1-1)
raring_phpmyadmin: released (4:3.4.3.1-1)
saucy_phpmyadmin: released (4:3.4.3.1-1)
devel_phpmyadmin: released (4:3.4.3.1-1)