CVE-2011-4107

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

CVSS v3.0 6.5 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://osvdb.org/76798	Broken Link
http://www.securityfocus.com/bid/50497	Broken Link Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2011/Nov/21	Exploit Mailing List Third Party Advisory
http://secunia.com/advisories/46447	Broken Link Vendor Advisory
http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php	Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=751112	Exploit Issue Tracking
http://www.wooyun.org/bugs/wooyun-2010-03185	Broken Link Exploit
http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt	Broken Link Exploit
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html	Mailing List Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:198	Broken Link
http://securityreason.com/securityalert/8533	Broken Link
http://www.openwall.com/lists/oss-security/2011/11/03/3	Mailing List
http://www.openwall.com/lists/oss-security/2011/11/03/5	Mailing List
http://www.debian.org/security/2012/dsa-2391	Mailing List
https://exchange.xforce.ibmcloud.com/vulnerabilities/71108	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:16:::::::*
	cpe:2.3:o:fedoraproject:fedora:15:::::::*
	cpe:2.3:o:fedoraproject:fedora:14:::::::*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

History

09 Feb 2024, 02:27

Information

Published : 2011-11-17 19:55

Updated : 2024-02-09 02:27

NVD link : CVE-2011-4107

Mitre link : CVE-2011-4107

JSON object : View

Products Affected

debian

debian_linux

phpmyadmin

phpmyadmin

fedoraproject

fedora

CWE

CWE-611

Improper Restriction of XML External Entity Reference

Type	Values Removed	Values Added
CWE	~~CWE-200~~	CWE-611
First Time		Fedoraproject fedora Fedoraproject Debian Debian debian Linux
CVSS	v2 : ~~4.3~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 6.5
References	~~(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:198 -~~	(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:198 - Broken Link
References	~~(MISC) http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt - Exploit~~	(MISC) http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt - Broken Link, Exploit
References	~~(OSVDB) http://osvdb.org/76798 -~~	(OSVDB) http://osvdb.org/76798 - Broken Link
References	~~(SECUNIA) http://secunia.com/advisories/46447 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/46447 - Broken Link, Vendor Advisory
References	~~(BID) http://www.securityfocus.com/bid/50497 -~~	(BID) http://www.securityfocus.com/bid/50497 - Broken Link, Third Party Advisory, VDB Entry
References	~~(SREASON) http://securityreason.com/securityalert/8533 -~~	(SREASON) http://securityreason.com/securityalert/8533 - Broken Link
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2011/11/03/3 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2011/11/03/3 - Mailing List
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html - Mailing List, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html - Mailing List, Third Party Advisory
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/71108 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/71108 - Third Party Advisory, VDB Entry
References	~~(DEBIAN) http://www.debian.org/security/2012/dsa-2391 -~~	(DEBIAN) http://www.debian.org/security/2012/dsa-2391 - Mailing List
References	~~(FULLDISC) http://seclists.org/fulldisclosure/2011/Nov/21 - Exploit~~	(FULLDISC) http://seclists.org/fulldisclosure/2011/Nov/21 - Exploit, Mailing List, Third Party Advisory
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=751112 - Exploit~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=751112 - Exploit, Issue Tracking
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2011/11/03/5 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2011/11/03/5 - Mailing List
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html -~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html - Mailing List, Third Party Advisory
References	~~(MISC) http://www.wooyun.org/bugs/wooyun-2010-03185 - Exploit~~	(MISC) http://www.wooyun.org/bugs/wooyun-2010-03185 - Broken Link, Exploit
CPE	cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.3:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.4:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.2:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.5.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.2:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.6:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.7:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.1:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.1:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8.1:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.1:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.6:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7:::::::*	cpe:2.3:o:fedoraproject:fedora:16:::::::* cpe:2.3:a:phpmyadmin:phpmyadmin:::::::: cpe:2.3:o:fedoraproject:fedora:15:::::::* cpe:2.3:o:fedoraproject:fedora:14:::::::* cpe:2.3:o:debian:debian_linux:5.0:::::::*

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2011-4107

6.5^/10

4.3^/10

Attach tags to `CVE-2011-4107`