<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
<channel>
	<title>Frugalware Linux Security</title>
	<description>Security announcements for Frugalware stable releases</description>
	<link>http://frugalware.org/security</link>
	<atom:link href="http://frugalware.org/securityrss/security" rel="self" type="application/rss+xml" />
<item>
<title>FSA761 - drupal6-webform</title>
<link>http://frugalware.org/security/761</link>
<guid>http://frugalware.org/security/761#top</guid>
<description>A security issue and a vulnerability have been reported in drupal6-webform, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious data is being viewed.
			Vulnerable version: 6.x_3.15-1, Unaffected version: 6.x_3.17-fermus1, CVEs: none</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA760 - phpmyadmin</title>
<link>http://frugalware.org/security/760</link>
<guid>http://frugalware.org/security/760#top</guid>
<description>A security issue and a vulnerability have been reported in phpmyadmin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) It was possible to conduct XSS using a crafted database name.
			Vulnerable version: 3.4.9-1, Unaffected version: 3.4.10.1-fermus1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA759 - thunderbird</title>
<link>http://frugalware.org/security/759</link>
<guid>http://frugalware.org/security/759#top</guid>
<description>A security issue and a vulnerability have been reported in thunderbird, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
			Vulnerable version: 10.0-1, Unaffected version: 10.0.2-fermus1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA758 - chromium-browser</title>
<link>http://frugalware.org/security/758</link>
<guid>http://frugalware.org/security/758#top</guid>
<description>A security issue and a vulnerability have been reported in chromium-browser, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
			Vulnerable version: 16.0.912.63-2, Unaffected version: 17.0.963.47-fermus1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA757 - firefox</title>
<link>http://frugalware.org/security/757</link>
<guid>http://frugalware.org/security/757#top</guid>
<description>A security issue and a vulnerability have been reported in firefox, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
			Vulnerable version: 10.0-1, Unaffected version: 10.0.2-fermus1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA756 - flashplugin</title>
<link>http://frugalware.org/security/756</link>
<guid>http://frugalware.org/security/756#top</guid>
<description>A security issue and a vulnerability have been reported in flashplugin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
			2) Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
			Vulnerable version: 11.1.102.55-1, Unaffected version: 11.1.102.63-fermus1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0768
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0769</description>
<pubDate>Thu, 08 Mar 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA755 - drupal6</title>
<link>http://frugalware.org/security/755</link>
<guid>http://frugalware.org/security/755#top</guid>
<description>A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) The security issue is caused by the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information.
			2) An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.
			Vulnerable version: 6.22-1, Unaffected version: 6.24-1mores1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0825
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0826
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0827</description>
<pubDate>Sun, 05 Feb 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA754 - drupal7</title>
<link>http://frugalware.org/security/754</link>
<guid>http://frugalware.org/security/754#top</guid>
<description>A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
			1) The security issue is caused by the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information.
			2) An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.
			Vulnerable version: 7.7-1, Unaffected version: 7.12-1mores1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0825
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0826
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0827</description>
<pubDate>Sun, 05 Feb 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA753 - wireshark</title>
<link>http://frugalware.org/security/753</link>
<guid>http://frugalware.org/security/753#top</guid>
<description>Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
			1) NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash.
			2) An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file.
			Successful exploitation of this vulnerability may allow execution of arbitrary code.
			3) An error within the &quot;lanalyzer_read()&quot; function (wiretap/lanalyzer.c) when parsing LANalyzer files can be exploited to cause a heap-based buffer underflow.
			Successful exploitation of this vulnerability may allow execution of arbitrary code.
			NOTE: A weakness within the file parser, which can lead to a crash when handling capture files, has also been reported.
			Vulnerable version: 1.6.3-1mores1, Unaffected version: 1.6.5-1mores1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0041
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0042
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0043
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0066
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0067
			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0068</description>
<pubDate>Sun, 05 Feb 2012 00:00:00 +0100</pubDate>
</item>
<item>
<title>FSA752 - wordpress</title>
<link>http://frugalware.org/security/752</link>
<guid>http://frugalware.org/security/752#top</guid>
<description>Aditya Modha and Samir Shah discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
			Input passed via the URL to e.g. wp-comments-post.php is not properly sanitised within the &quot;wp_guess_url()&quot; function in wp-includes/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
			Vulnerable version: 3.2.1-1, Unaffected version: 3.3.1-1mores1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0287</description>
<pubDate>Sun, 05 Feb 2012 00:00:00 +0100</pubDate>
</item>
</channel>
</rss>