CVE-2016-5706
Gentoo Linux Security Advisory 201701-32
Severity Score
7.5
*CVSS v3
Exploit Likelihood
2.9%
*EPSS
Affected Versions
62
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.
js/get_scripts.js.php en phpMyAdmin 4.0.x en versiones anteriores a 4.0.10.16, 4.4.x en versiones anteriores a 4.4.15.7 y 4.6.x en versiones anteriores a 4.6.3 permite a atacantes remotos provocar una denegación de servicio a través de una gran variedad en el parámetro de secuencias de comandos.
Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution. Versions less than 4.6.5.1 are affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-16 CVE Reserved
- 2016-07-03 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (7)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-06/msg0011... | 2018-10-30 | |
| http://lists.opensuse.org/opensuse-updates/2016-06/msg0011... | 2018-10-30 | |
| http://www.debian.org/security/2016/dsa-3627 | 2018-10-30 | |
| https://security.gentoo.org/glsa/201701-32 | 2018-10-30 |
1 - 4 of 4