Oval Definition:	oval:org.opensuse.security:def:20152206
Revision Date: 2022-06-30 Version: 1 Title: CVE-2015-2206 Description: libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-2206 Mitre CVE-2015-2206 SUSE CVE-2015-2206 openSUSE-SU-2015:1191-1 Platform(s): openSUSE 13.1 openSUSE 13.2 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE 13.1 is installed AND phpMyAdmin-4.2.13.3-31.1 is installed Definition Synopsis openSUSE 13.2 is installed AND phpMyAdmin-4.2.13.3-11.1 is installed Definition Synopsis openSUSE Tumbleweed is installed AND phpMyAdmin-4.6.5.2-1.1 is installed
BACK