Chosen month 06 / 2006
|
|
|
The AAC file parsing code in iTunes contains an integer overflow vulnerability.
Parsing a maliciously-crafted AAC file could cause iTunes to terminate or
potentially execute arbitrary code.
Patches are available now.
|
|
|
Security vulnerabilities have been identified in Perl 5.8.2 and earlier
running on HP Tru64 UNIX.
These vulnerabilities could be exploited by a local user to execute
unauthorized code.
Patches are available now.
|
|
|
Several vulnerabilities were found in Novell's ZENworks Patch Management.
Patches are available now.
|
|
|
Microsoft Internet Explorer fails to properly handle directories with
CLSID extensions.
This may allow an attacker to bypass the warning dialog that
Internet Explorer should display before executing downloaded code.
No security update is available yet.
|
|
|
A vulnerability exists in the access point web-browser interface when
Security > Admin Access is changed from Default Authentication (Global
Password) to Local User List Only (Individual Passwords).
Successful exploitation of this vulnerability will result in unauthorized
administrative access to the access point via the web management interface or
via the console port.
A patch is available now.
|
|
|
Wireless Control System is a centralized, systems-level application for
managing and controlling lightweight access points and wireless LAN
controllers for the Cisco Unified Wireless Network. WCS contains multiple
vulnerabilities including information disclosure and privilege escalation
issues.
Patches are available now.
|
|
| System: |
Various
|
| Topic: |
Vulnerabilities in OpenOffice.org and StarOffice
|
| Links: |
OpenOffice.org,
Sun Alert 102475,
Sun Alert 102490,
Sun Alert 102501,
CVE-2006-2198,
CVE-2006-2199,
CVE-2006-3117,
DSA-1104,
ESB-2006.0439,
ESB-2006.0442,
Q-236,
RHSA-2006-0573,
ESB-2006.0444,
SUSE-SA:2006:040,
MDKSA-2006:118 |
| ID: |
ae-200606-060
|
Several vulnerabilities were found in the OpenOffice.org and StarOffice
office suite.
It is possible to embed arbitrary BASIC macros in documents in a way that
OpenOffice.org does not see them but executes them anyway without any user
interaction.
It is possible to evade the Java sandbox with specially crafted Java applets.
Loading malformed XML documents can cause buffer overflows and cause a denial
of service or execute arbitrary code.
Patches are available now.
|
|
|
A stack-based buffer overflow in the browse_get_namespace function in
imap/browse.c of Mutt allows remote attackers to cause a denial of service
(crash) or execute arbitrary code via long namespaces received from the
IMAP server.
Fixed packages are available now.
|
|
| System: |
Mac OS X |
| Topic: |
Vulnerabilities in AFP, ClamAV, ImageIO, launchd, and OpenLDAP
|
| Links: |
APPLE,
ESB-2006.0432,
Q-233,
CVE-2006-1468,
CVE-2006-1989,
CVE-2006-1469,
CVE-2006-1471,
CVE-2006-1470,
VU#988356
|
| ID: |
ae-200606-058
|
Several security issues in
AFP, ClamAV, ImageIO, launchd, and OpenLDAP
are fixed in Mac OS X version v10.4.7, which is available now.
|
|
|
The freetype2 library renders TrueType fonts for open source projects.
Three integer overflows were found in freetype2 that can lead to a remote
denial-of-service attack and may lead to remote command execution.
Fixed packages are available now.
|
|
|
The LZW decoding in the gdImageCreateFromGifPtr function in the libgd
graphics draw (GD) library allows remote attackers to cause a
denial of service (CPU consumption) via malformed GIF data that causes
an infinite loop.
Tetex and libwmf contain embedded copies of the GD library code and are
also vulnerable.
Fixed packages are available now.
|
|
|
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.
Fixed packages are available now.
|
|
|
Vulnerabilities were found in the openssh and sendmail programs of the
Hardware Management Console (HMC).
Patches are available now.
|
|
|
A Cross Site Scripting (CSS or XSS) vulnerability in the Sun ONE and
Sun Java System Application Server may allow an unprivileged remote
user to steal cookie information, hijack sessions, or cause a loss of
data privacy between a client and the server.
Patches are available now.
|
|
|
A security vulnerability has been identified with HP-UX. The vulnerability
could be exploited by a local user to create a Denial of Service (DoS).
Patches are available now.
|
|
|
Several vulnerabilities were found in MySQL, a popular SQL database management
system.
Several vulnerabilities were found in Mozilla Firefox, Thunderbird
and SeaMonkey, thirteen of which are rated as critical.
Fixed packages are available now.
|
|
| System: |
Mandriva Linux
|
| Topic: |
Vulnerabilities in arts, xine-lib, wv2, and mysql
|
| Links: |
MDKSA-2006:107,
CVE-2006-2916,
MDKSA-2006:108,
CVE-2006-2802,
MDKSA-2006:109,
CVE-2006-2197,
MDKSA-2006:111,
CVE-2006-3081
|
| ID: |
ae-200606-050
|
A vulnerability in the artswrapper program, when installed setuid root,
could enable a local user to elevate their privileges to that of root.
A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib
allows remote attackers to cause a denial of service (application crash)
via a long reply from an HTTP server.
A boundary checking error was discovered in the wv2 library, used for
accessing Microsoft Word documents. This error can lead to an integer
overflow induced by processing certain Word files.
Mysqld allows remote authorized users to cause a denial of service (crash)
via a NULL second argument to the str_to_date function.
Fixed packages are available now.
|
|
|
A flaw in the handling of user IDs by GnuPG was detected that may lead to
denial of service or the execution of arbitrary code.
A fixed software version is available now.
|
|
|
It was discovered that pinball, a pinball simulator, can be tricked into
loading level plugins from user-controlled directories without dropping
privileges.
Fixed packages are available now.
|
|
|
Cisco Secure Access Control Server (ACS) provides a centralized
identity networking solution and simplified user management experience
across all Cisco devices and security management applications.
A vulnerability has been identified in the Cisco Secure ACS session
management architecture which could be exploited by an attacker to
obtain full administrative access to the web interface and thus all
managed assets (routers, switches, 802.1x authenticated networks,
etc).
By default, the Cisco Secure ACS web administration login page runs on
TCP port 2002. Upon successful authentication, the client is then
redirected to a dynamic and unique HTTP server port between 1024 and
65535. Once authenticated, ACS relies solely upon the port and the
client IP address to validate the session.
An attacker might therefore take over the session, with all the consequences that entails.
Cisco is investigating this issue and will publish a patch if necessary.
|
|
|
WinSCP is an open source SFTP client for Microsoft Windows.
If an attacker convinces a user to follow a specially crafted URL,
he or she can transfer a file directly to the user's computer.
The attacker may also be able to append information to files.
Version 3.8.2 of WinSCP has been published and contains a fix for this vulnerability.
|
|
|
As reported before, Nagios shows a buffer overflow when processing an HTTP header.
A patch for OpenBSD is now available.
|
|
|
The Microsoft Windows system library for handling hyperlinks (HLINK.DLL)
contains a buffer overflow. Exploitation of this vulnerability may allow an
attacker to execute arbitrary code.
A patch is not available yet.
|
|
|
RealVNC is a remote control access product that is bundled with Cisco
CallManager to provide remote console access.
A vulnerability in RealVNC may allow a malicious user to bypass RealVNC
authentication to gain console access to a Cisco CallManager system.
A patch is available now.
|
|
|
A bug has been discovered in the Courier Mail Server that can result
in a number of processes consuming arbitrary amounts of CPU power.
Fixed packages are available now.
|
|
|
The weekly SUSE Security Summary reports vulnerabilities in the
tiff, snort, and xine-lib
packages.
Updated packages are available now and should be installed on the vulnerable systems.
|
|
| System: |
SGI Advanced Linux Environment
|
| Topic: |
Vulnerabilities in mailman, quagga, postgresql, sendmail, and xscreensaver
|
| Links: |
SGI-20060602-01
|
| ID: |
ae-200606-040
|
SGI has released the Security Update #59 for SGI Advanced Linux Environment 3.
These updates fix security related problems in
mailman, quagga, postgresql, sendmail, and xscreensaver.
Installing this update is recommended.
|
|
|
Two remote code execution vulnerabilities were found in the WWW statistical
analyzer awstats.
Fixed packages are available now.
|
|
| System: |
Microsoft Windows
|
| Topic: |
Vulnerability in Cisco CallManager
|
| Links: |
Cisco
|
| ID: |
ae-200606-038
|
A Cross Site Scripting (XSS) weakness was discovered in the web interface of
the Cisco CallManager. XSS attacks of this nature rely on intervention of a
privileged user and typically attempt to manipulate or trick such a user into
clicking on an HTTP URL (typically embedded in an email or HTTP web page).
A patch is not available yet.
|
|
|
Two buffer overflows have been discovered in 'tiffsplit' and 'tiff2pdf',
which are part of the tiff package.
Fixed packages are available now.
|
|
|
A security vulnerability has been identified with HP-UX running
Support Tools Manager (xstm, cstm, stm).
The vulnerability could be exploited by a local user to create a
Denial of Service (DoS).
Patches are available now.
|
|
|
Cisco Secure Access Control Server (ACS) is a centralized user access control
framework.
Cisco Secure ACS for UNIX LogonProxy.cgi is vulnerable to Cross Site Scripting
(XSS) attacks via both HTML GET and POST requests.
A patch is available now.
|
|
|
A vulnerability in update_flash may allow local users to execute arbitrary
code with root privileges.
Patches are available now.
|
|
|
A vulnerability in gdm could allow a user to activate the gdm setup program
if the administrator configured a gdm theme that provided a user list.
A PHP remote file inclusion vulnerability in functions/plugin.php
in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and
magic_quotes_gpc is disabled, allows remote attackers to execute
arbitrary PHP code via a URL in the plugins array parameter.
A buffer overflow in the t2p_write_pdf_string function in tiff2pdf
allows attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a TIFF file with a DocumentName tag that
contains UTF-8 characters.
A flaw was discovered in the way that spamd processes the virtual POP
usernames passed to it. If running with the --vpopmail and --paranoid
flags, it is possible for a remote user with the ability to connect to
the spamd daemon to execute arbitrary commands as the user running spamd.
Fixed packages are available now.
|
|
|
The core packages of KDE include the KDE Display Manager (KDM).
A flaw was discovered in KDM. A malicious local KDM user could
use a symlink attack to read an arbitrary file that they would not normally
have permissions to read.
Fixed packages are available now.
|
|
| System: |
Debian GNU/Linux
|
| Topic: |
Vulnerabilities in kernel-source-2.4.27, horde2/3, and wv2
|
| Links: |
DSA-1097,
ESB-2006.0416,
Q-230,
DSA-1098,
DSA-1099,
CVE-2006-2195,
ESB-2006.0417,
Q-229,
DSA-1100,
CVE-2006-2197,
ESB-2006.0418
|
| ID: |
ae-200606-031
|
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.
The Horde web application framework performs insufficient input sanitising,
which might lead to the injection of web script code through cross-site
scripting.
A boundary checking error has been discovered in wv2, a library for accessing
Microsoft Word documents, which can lead to an integer overflow induced by
processing Word files.
Fixed packages are available now.
|
|
|
No further comment due to legal reasons
|
|
| System: |
Microsoft Windows
|
| Topic: |
Vulnerabilities in Microsoft Internet Explorer
|
| Links: |
MS06-021,
MS06-022,
MS06-023,
CVE-2005-4089,
CVE-2006-1303,
CVE-2006-1626,
CVE-2006-2218,
CVE-2006-2382,
CVE-2006-2383,
CVE-2006-2384,
CVE-2006-2385,
CVE-2006-1313,
CVE-2006-2378,
ISS Alert,
Q-219,
Q-220,
Q-221,
AL-2006.0045,
iDefense
|
| ID: |
ae-200606-021
|
No further comment due to legal reasons
|
|
| System: |
Various
|
| Topic: |
Vulnerability in sendmail
|
| Links: |
Sendmail,
CVE-2006-1173,
VU#146718,
AL-2006.0048,
RHSA-2006-0515,
ESB-2006.0410,
FreeBSD-SA-06:17,
ESB-2006.0413,
NetBSD-SA2006-017,
ESB-2006.0414,
OpenBSD,
ESB-2006.0424,
SUSE-SA:2006:032,
MDKSA-2006:104,
ESB-2006.0412,
Sun Alert #102460,
ESB-2006.0419,
SGI 20060601-01-P,
HPSBTU02116, SSRT061135,
ESB-2006.0422,
TLSA-2006-9,
HPSBUX02124, SSRT061159,
ESB-2006.0547
|
| ID: |
ae-200606-020
|
Sendmail is a widely used mail transfer agent (MTA).
Sendmail does not properly handle malformed multipart MIME messages.
This vulnerability may allow a remote, unauthenticated attacker to
cause a denial-of-service condition.
Fixed software is available now.
|
|
|
A vulnerability in PostgreSQL allows attackers to bypass SQL injection
protection methods in applications via invalid encodings of multibyte
characters.
Fixed packages are available now.
|
|
|
A vulnerability has been discovered in webcalendar, a PHP-based multi-user
calendar, that allows a remote attacker to execute arbitrary PHP code when
register_globals is turned on.
Fixed packages are available now.
|
|
|
Several problems have been discovered in the FreeType 2 font engine
which could allow remote attackers to cause a denial of service or
lead to the execution of arbitrary code.
Fixed packages are available now.
|
|
|
A flaw was found in the way Mailman handles MIME multipart messages. An
attacker could send a carefully crafted MIME multipart email message to a
mailing list run by Mailman which would cause that particular mailing list
to stop working.
Several vulnerabilities were found in MySQL, a popular SQL database management
system.
Fixed packages are available now.
|
|
|
On "7th generation" and "8th generation" processors manufactured by AMD the
NetBSD kernel does not restore the contents of the FOP, FIP, and FDP debug
registers between context switches. A local attacker can monitor the execution
path of a process which uses floating-point operations. This may allow an
attacker to steal cryptographic keys or other sensitive information.
Insufficient validation when parsing IPv6 socket options can lead to a
system crash. This can be triggered by a local non-privileged user.
Patches are available now.
|
|
| System: |
Debian GNU/Linux
|
| Topic: |
Vulnerabilities in tiff, mysql, xine, and gforge
|
| Links: |
DSA-1091,
CVE-2006-2193,
CVE-2006-2656,
ESB-2006.0399,
DSA-1092,
CVE-2006-2753,
ESB-2006.0398,
DSA-1093,
CVE-2006-2230,
ESB-2006.0397,
DSA-1094,
CVE-2005-2430,
ESB-2006.0396
|
| ID: |
ae-200606-014
|
Two buffer overflows have been discovered in the TIFF library.
It was discovered that MySQL, a popular SQL database, incorrectly parses a
string escaped with mysql_real_escape() which could lead to SQL injection.
Several format string vulnerabilities have been discovered in xine-ui, the
user interface of the xine video player, which may cause a denial of service.
Several cross-site scripting vulnerabilities were discovered in
Gforge, an online collaboration suite for software development, which
allow injection of web script code.
Fixed packages are available now.
|
|
|
A stack-based buffer overflow in st.c in slurpd for OpenLDAP might allow
attackers to execute arbitrary code via a long hostname.
An SQL injection vulnerability in MySQL allows attackers to execute arbitrary
SQL commands via crafted multibyte encodings in character sets such as
SJIS, BIG5, and GBK, which are not properly handled when the
mysql_real_escape function is used to escape the input.
A vulnerability in PostgreSQL allows attackers to bypass SQL injection
protection methods in applications via invalid encodings of multibyte
characters.
Fixed packages are available now.
|
|
|
A vulnerability has been discovered in SpamAssassin, a Perl-based spam filter
using text analysis, that can allow remote attackers to execute arbitrary
commands.
Fixed packages are available now.
|
|
|
A local unprivileged user may be able to execute arbitrary code with the
privileges of another user (including root), due to incorrect file and
directory permissions from one of the package components of the Sun Storage
Automated Diagnostic Environment (StorADE) Software.
Patches are available now.
|
|
| System: |
Debian GNU/Linux
|
| Topic: |
Vulnerabilities in xmcd, postgresql, centericq, freeradius, and spamassassin
|
| Links: |
DSA-1086,
CVE-2006-2542,
ESB-2006.0391,
DSA-1087,
CVE-2006-2313,
CVE-2006-2314,
ESB-2006.0387,
DSA-1088,
CVE-2005-3863,
ESB-2006.0386,
DSA-1089,
CVE-2005-4744,
CVE-2006-1354,
ESB-2006.0385,
DSA-1090,
CVE-2006-2447,
ESB-2006.0392
|
| ID: |
ae-200606-010
|
The xmcdconfig program creates world-writeable directories, allowing local users to
fill the /usr and /var partitions and hence cause a denial of service.
Several encoding problems have been discovered in PostgreSQL, a popular SQL
database.
A buffer overflow was discovered in the ktools library which is used in
centericq, a text-mode multi-protocol instant messenger client, which may allow
local or remote attackers to execute arbitrary code.
Several problems have been discovered in freeradius, a high-performance and
highly configurable RADIUS server.
A vulnerability has been discovered in SpamAssassin, a Perl-based spam filter
using text analysis, that can allow remote attackers to execute arbitrary
commands.
Fixed packages are available now.
|
|
|
The VMware ESX Server product provides a web application to perform
management of the system.
One of the functions of this application is
to allow administrative users to view log files, such as syslog, through
a browser. No encoding of syslog data is performed to ensure that HTML
meta-characters are not interpreted by the browser. This allows an
attacker to inject HTML content, including JavaScript, into the syslog
file where it would be rendered or executed when viewed through the
Management Interface.
Fixed software is available now.
|
|
|
Evolution can crash displaying certain carefully crafted images, if the
"Load images if sender is in address book" option is enabled.
Fixed packages are available now.
|
|
|
Mozilla has released new versions of Firefox, Thunderbird and
SeaMonkey that fix multiple vulnerabilities, thirteen of which
are rated as critical.
Patches are available now.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in quagga/zebra and dia
|
| Links: |
RHSA-2006-0525,
RHSA-2006-0533,
CVE-2006-2223,
CVE-2006-2224,
CVE-2006-2276,
ESB-2006.0381,
ESB-2006.0382,
RHSA-2006-0541,
CVE-2006-2453,
CVE-2006-2480,
ESB-2006.0384
|
| ID: |
ae-200606-006
|
Several vulnerabilities were found in the routing daemons quagga and zebra that
may lead to information disclosure, route injection and denial of service
attacks.
Several format string vulnerabilities were found in Dia.
Fixed packages are available now.
|
|
|
Sendmail is a multi-purpose mail server.
A signal race vulnerability might allow a remote attacker to execute arbitrary code as root.
An updated package solves this problem.
|
|
|
Several security vulnerabilities have been identified with Mozilla running on
HP-UX.
HP has released patches now.
|
|
|
A bug in cupsomatic/foomatic-filters allows remote printer users to
execute arbitrary commands with the UID of the printer daemon.
Several vulnerabilities were found in the Linux kernel.
The code in do_command.c in Vixie cron does not check the return code
of a setuid call, which might allow local users to gain root privileges
if setuid fails in cases such as PAM failures or resource limits.
Fixed packages are available now.
|
|
|
A change in the build process of ypserv(8) caused the access restrictions
through the /var/yp/securenets file to be inadvertently disabled.
When inside a chroot environment which resides on a smbfs mounted
file-system it is possible for an attacker to escape out of this
chroot to any other directory on the smbfs mounted file-system.
Patches are available now.
|
|
|
A buffer overflow was discovered in the processing of network data in
typespeed, a game for testing and improving typing speed, which could lead to
the execution of arbitrary code.
Fixed packages are available now.
|
|