FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- Path disclosure due to missing library

Affected packages
phpMyAdmin < 3.5.2.1

Details

VuXML ID aca0d7e0-e38a-11e1-999b-e0cb4e266481
Discovery 2012-08-03
Entry 2012-08-11

The phpMyAdmin development team reports:

The show_config_errors.php script does not include a library, so an error message shows the full path of this file, leading to possible further attacks.

References

CVE Name CVE-2012-4219
URL http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php