PMASA-2010-2
Announcement-ID: PMASA-2010-2
Date: 2010-01-15
Summary
Unsafe handling of temporary files
Description
phpMyAdmin created temporary files with predictable file name.
Severity
We consider these vulnerabilities to be not critical.
Affected Versions
For 2.11.x: versions before 2.11.10 are affected.
Unaffected Versions
3.x releases are not affected.
Solution
Upgrade to phpMyAdmin 3.0.0 or 2.11.10.
References
We wish to thank to Thijs Kinkhorst for pointing out this issue.
Assigned CVE IDs: CVE-2008-7252
Patches
The following commits have been made to fix this issue:
The following commits have been made on the 2.11 branch to fix this issue:
More information
For further information and in case of questions, please contact the phpMyAdmin security team at security@phpmyadmin.net.