Other Security Advisories

Filed under
Security

Less critical

Description:
Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attack.

Solution:
Update to "dev-db/phpmyadmin-2.6.2_rc1" or later.

Link

Hightly Critical

Description:
SUSE has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), spoof the URL displayed in an address bar and status bar, or potentially compromise a vulnerable system.

Solution:
Apply updated packages.

Link

Moderately critical

Description:
Andreas Constantinides has reported a vulnerability in the zOOm Media Gallery module for Mambo, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "catid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been reported in version 2.1.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Link