CVE-2008-3456

Description

phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.

How to fix CVE-2008-3456

To remediate CVE-2008-3456, upgrade the affected package to a fixed version below.

• Debian/phpmyadmin—upgrade to 4:2.11.8~rc1-1 or later

Is CVE-2008-3456 being exploited?

Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 4:2.11.8~rc1-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-3456