#VU41047 Cross-site scripting in phpMyAdmin - CVE-2014-8958

Cybersecurity Help s.r.o.

Published: 2014-11-30 | Updated: 2020-08-09

Vulnerability identifier: #VU41047

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2014-8958

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
phpMyAdmin
Web applications / Remote management & hosting panels

Vendor: phpMyAdmin

Description

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

phpMyAdmin: 4.0.0 - 4.0.10.5, 4.1.0 - 4.1.14.6, 4.2.0 - 4.2.11

External links
https://lists.opensuse.org/opensuse-updates/2014-12/msg00017.html
https://www.debian.org/security/2015/dsa-3382
https://www.mandriva.com/security/advisories?name=MDVSA-2014:228
https://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
https://www.securityfocus.com/bid/71243
https://github.com/phpmyadmin/phpmyadmin/commit/1bc04ec95038f2356ad33752090001bf1c047208
https://github.com/phpmyadmin/phpmyadmin/commit/2a3b7393d1d5a8ba0543699df94a08a0f5728fe0
https://github.com/phpmyadmin/phpmyadmin/commit/2ffdbf2d7daa0b92541d8b754e2afac555d3ed21
https://github.com/phpmyadmin/phpmyadmin/commit/d32da348c4de2379482a48661ce968a55eebe5c4
https://security.gentoo.org/glsa/201505-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for phpMyAdmin

Multiple vulnerabilities in phpMyAdmin