Security announcements for Frugalware stable releases http://frugalware.org/security http://frugalware.org/security/693 http://frugalware.org/security/693#top Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system. 1) An integer truncation error when parsing certain content can be exploited to cause a heap-based buffer overflow via a specially crafted file. 2) A short integer overflow error when parsing certain content can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.Vulnerable version: 3.2.1-4, Unaffected version: 3.2.1-5haven1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2935 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2936 Sun, 29 Aug 2010 00:00:00 +0200 http://frugalware.org/security/692 http://frugalware.org/security/692#top Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "field_str" parameter to db_search.php , the "delimiter" parameter to db_sql.php, the "sort" parameter to db_structure.php, the "db" parameter to js/messages.php, the "sort_by" parameter to server_databases.php, the "checkprivs", "dbname", "pred_tablename", "selected_usr[]", "tablename", and "username" parameters to server_privileges.php, the "DefaultLang" parameter to setup/config.php, the "cpurge", "goto", "purge", "purgekey", "table", and "zero_rows" parameters to sql.php, and the "fields[multi_edit][]" parameter to tbl_replace.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.Vulnerable version: 3.3.5-1, Unaffected version: 3.3.5.1-1haven1, CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 Sun, 29 Aug 2010 00:00:00 +0200 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100 http://frugalware.org/security/ http://frugalware.org/security/#top Vulnerable version: , Unaffected version: , CVEs: Thu, 01 Jan 1970 01:00:00 +0100