Oval Definition:	oval:org.opensuse.security:def:20166614
Revision Date: 2022-06-30 Version: 1 Title: CVE-2016-6614 Description: An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-6614 Mitre CVE-2016-6614 SUSE CVE-2016-6614 openSUSE-SU-2016:2168-1 openSUSE-SU-2016:2176-1 Platform(s): openSUSE 13.1 openSUSE 13.2 openSUSE Leap 42.1 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE 13.1 is installed AND phpMyAdmin-4.4.15.8-63.1 is installed Definition Synopsis openSUSE 13.2 is installed AND phpMyAdmin-4.4.15.8-39.1 is installed Definition Synopsis openSUSE Leap 42.1 is installed AND Package Information phpMyAdmin-4.4.15.8-25.1 is installed AND phpMyAdmin is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND phpMyAdmin-4.6.5.2-1.1 is installed
BACK