CVE-2009-3697

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2009-3697

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-3697.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-3697

Downstream

DEBIAN-CVE-2009-3697

DSA-1918-1

Published

2009-10-16T16:30:00Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.

References

http://secunia.com/advisories/37016
http://www.mandriva.com/security/advisories?name=MDVSA-2009:274
http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
http://www.vupen.com/english/advisories/2009/2899
https://bugzilla.redhat.com/show_bug.cgi?id=528769
http://bugs.gentoo.org/show_bug.cgi?id=288899
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html
http://freshmeat.net/projects/phpmyadmin/releases/306667
http://freshmeat.net/projects/phpmyadmin/releases/306669
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://marc.info/?l=oss-security&m=125553728512853&w=2
http://marc.info/?l=oss-security&m=125561979001460&w=2
http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/
http://www.securityfocus.com/bid/36658
https://exchange.xforce.ibmcloud.com/vulnerabilities/53741
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html

CVE-2009-3697

Affected packages