Chosen month 12 / 2010
|
|
|
A SQL injection vulnerability has been found in WordPress, a weblog manager. An authenticated user might be able to execute arbitrary SQL commands via the Send Trackbacks field.
Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web.
In most cases, exploiting these vulnerabilities results in the injection of arbitrary web script or HTML.
Fixed packages are available now.
|
|
|
A double free vulnerability in libxml2 (xpath.c) allows remote attackers to cause a Denial-of-Service or possibly have unspecified other impact via vectors related to XPath handling. Updated packages have been published to correct this issue.
|
|
|
A vulnerability was found in the Drupal third-party module
Image, allowing a remote Cross-Site Scripting (XSS) attack.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
| System: |
SuSE Linux
|
| Topic: |
Vulnerabilities in clamav, subversion, python, krb5, otrs, moonlight, OpenOffice.org, kdenetwork4, zope, xpdf, gnutls, and opera
|
| Links: |
SUSE-SR:2010:024,
ESB-2010.1179
|
| ID: |
ae-201012-077
|
A new SUSE Security Summary reports vulnerabilities in the packages
clamav, subversion, python, krb5, otrs, moonlight, OpenOffice.org, kdenetwork4, zope, xpdf, gnutls, and opera.
Updated packages are available now and should be installed on vulnerable systems.
|
|
|
The ActiveX control, WBEMSingleView.ocx, that is a part of the WMI Administrative Tools package contains a vulnerability. The AddContextRef() and ReleaseContext() functions of the WMI Object Viewer control can be passed an object pointer from an attacker that results in arbitrary code execution by remote attackers. An Internet Explorer user with WBEMSingleView.ocx installed can be exploited by visiting a malicious web page. A patch isn't available yet.
|
|
|
No further comment due to legal reasons.
|
|
|
Microsoft IIS FTP server 7.5 is affected by a pre-authentication memory corruption vulnerability.
A specifically crafted request sent to the IIS FTP service can result in memory corruption causing the service to crash. A Denial-of-Service (DoS) exploit has been released to the public. IIS 7.5.7600.16385 on Windows 7 is reported to be affected. Other versions may also be affected.
Currently, a solution is not available.
|
|
|
A vulnerability was found in the Drupal third-party module
oEmbed.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
Under certain conditions ESXi 4.1 incorrectly handles the SFCB
authentication mode. The result is that SFCB authentication could
allow login with any username and password combination.
A workaround is described in the advisory.
|
|
|
A flaw was found in the way mod_auth_mysql escaped certain
multibyte-encoded strings. If mod_auth_mysql was configured to use a
multibyte character set that allowed a backslash ("\") as part of the
character encodings, a remote attacker could inject arbitrary SQL commands
into a login request.
A cross-site scripting (XSS) flaw was found in gitweb, a simple web
interface for Git repositories. A remote attacker could perform an XSS
attack against victims by tricking them into visiting a specially-crafted
gitweb URL.
Fixed packages are available now.
|
|
|
Two vulnerabilities were discovered in xpdf rendering engine, which may
lead to the execution of arbitrary code if a malformed PDF file is opened.
It was discovered that Tor, a tool to enable online anonymity,
does not correctly handle all data read from the network. By supplying
specially crafted packets a remote attacker can cause Tor to overflow its
heap, crashing the process.
Fixed packages are available now.
|
|
|
A vulnerability was found in QEMU-KVM.
An integer overflow flaw, leading to arbitrary memory writes, was found in
libvpx. An attacker could create a specially-crafted video encoded using
the VP8 codec that, when played by a victim with an application using
libvpx (such as Totem), would cause the application to crash or,
potentially, execute arbitrary code.
Fixed packages are available now.
|
|
|
Several vulnerabilities were found in IBM Java 1.4.2.
Fixed packages are available now.
|
|
|
An important library-loading vulnerability has been identified in Adobe Photoshop CS5 12.0.1 and earlier on the Windows platform. Exploitation of this vulnerability could allow an attacker to load arbitrary libraries by tricking a user into opening a file located on a remote WebDAV or SMB share. Adobe recommends Photoshop CS5 users update their product installations.
|
|
|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, Denial-of-Service or information leak. Updated kernel packages are available now.
|
|
|
A security vulnerability has been identified with HP StorageWorks Modular
Smart Array P2000 G3. This vulnerability could be exploited to allow remote
unauthorized access.
Fixed software is available now.
|
|
|
A security vulnerability has been identified with HP Discovery & Dependency
Mapping Inventory (DDMI) running on Windows. The vulnerability could be
exploited remotely resulting in cross site scripting (XSS).
Fixed software is available now.
|
|
|
Several vulnerabilities were found in the Apple Time Capsule and AirPort Base
Station (802.11n) Firmware.
Fixed software is available now.
|
|
|
A security vulnerability has been identified with HP Power Manager (HPPM)
running on Linux and Windows. The vulnerability could be exploited remotely to
execute arbitrary code.
Fixed software is available now.
|
|
|
Several vulnerabilities were found in the Drupal third-party modules
Drupal For Firebug and Views.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
A potential security vulnerability has been identified with HP OpenVMS Integrity Servers. The vulnerability could be locally exploited to create a Denial-of-Service (DoS) or to gain privileged access to system resources. HP has made patch kits available now.
|
|
|
A potential security vulnerability has been identified with HP Insight Management Agents running on Linux and Windows. The vulnerability could be exploited remotely resulting in full path disclosure.
HP has provided HP Insight Management Agents v8.6 or subsequent to resolve this vulnerability.
|
|
|
A potential security vulnerability has been identified with HP Insight Diagnostics Online Edition running on Linux and Windows. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). HP has provided HP Insight Diagnostics Online Edition v8.5.1.3712 to resolve this vulnerability.
|
|
|
Updated java-1.4.2-ibm-sap packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5 and 6 for SAP. Additionally, updated java-1.6.0-ibm packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
|
|
|
A vulnerability in the portion of the server that generates reports has been found.
Due to the combination of insufficient checks being performed on the application and failure to authenticate a user for generating a chart, an attacker can overwrite arbitrary files on a server. Careful exploitation can lead to code execution under the context of the php interpreter.
Symantec has issued an update to correct this vulnerability.
|
|
|
A vulnerability has been found within the Load and LoadTheme methods of the SapThemeRepository ActiveX control (sapwdpcd.dll) implemented by SAP NetWeaver Business Client. Due to a failure in bounds checking, a user-supplied parameter passed to the vulnerable methods can overflow a stack buffer, resulting in arbitrary code execution under the context of the user running the browser.
SAP has issued an update to correct this vulnerability.
|
|
|
A vulnerability exists in the BlackBerry Attachment Service component of some versions of the BlackBerry Enterprise Server. It could allow a malicious individual to cause buffer overflow errors, which may result in arbitrary code execution on the computer that hosts the BlackBerry Attachment Service. While code execution is possible, an attack is more likely to result in the PDF rendering process terminating before it completes. In the event of such an unexpected process termination, the PDF rendering process will restart automatically but will not resume processing the same PDF file.
Successful exploitation of this issue requires a malicious individual to persuade a BlackBerry smartphone user to open a specially crafted PDF file on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server. The PDF file may be attached to an E-Mail message, or the BlackBerry smartphone user may retrieve it from a web site using the Get Link menu item on the BlackBerry smartphone.
RIM has issued interim security software updates that resolve the vulnerability in affected versions of the BlackBerry Enterprise Server.
|
|
|
Two vulnerabilities have been found in perl-CGI-Simple.
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value.
Furthermore, a CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier also allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters.
Fixed packages are available now.
|
|
| System: |
Red Hat Enterprise Linux 4 |
| Topic: |
Several Vulnerabilities in Helix Player
|
| Links: |
RHSA-2010-0981,
CVE-2010-2997,
CVE-2010-4375,
CVE-2010-4378,
CVE-2010-4379,
CVE-2010-4382,
CVE-2010-4383,
CVE-2010-4384,
CVE-2010-4385,
CVE-2010-4386,
CVE-2010-4392,
ESB-2010.1149
|
| ID: |
ae-201012-052
|
Helix Player is a media player. Multiple security flaws were discovered in RealPlayer. Helix Player and RealPlayer share a common source code base; therefore, some of the flaws discovered in RealPlayer may also affect Helix Player. Some of these flaws could, when opening, viewing, or playing a malicious media file or stream, lead to arbitrary code execution with the privileges of the user running
Helix Player. An update removes the HelixPlayer package from Red Hat Enterprise Linux 4.
|
|
| System: |
SuSE Linux |
| Topic: |
Vulnerabilities in kernel
|
| Links: |
SUSE-SA:2010:060,
CVE-2010-2226,
CVE-2010-2248,
CVE-2010-2942,
CVE-2010-2946,
CVE-2010-3067,
CVE-2010-3086,
CVE-2010-3310,
CVE-2010-3437,
CVE-2010-3442,
CVE-2010-4072,
CVE-2010-4073,
CVE-2010-4078,
CVE-2010-4080,
CVE-2010-4081,
CVE-2010-4083,
CVE-2010-4157,
CVE-2010-4158,
CVE-2010-4162,
CVE-2010-4164,
ESB-2010.1150
|
| ID: |
ae-201012-051
|
Several vulnerabilities have been found in the kernel of SuSE Linux. For security reasons, installing the updated kernel packages is recommended.
|
|
|
No further comment due to legal reasons
|
|
| System: |
Microsoft Windows |
| Topic: |
Vulnerabilities in Microsoft Internet Explorer
|
| Links: |
MS10-090,
CVE-2010-3340,
CVE-2010-3342,
CVE-2010-3343,
CVE-2010-3345,
CVE-2010-3346,
CVE-2010-3348,
CVE-2010-3962,
iDEFENSE #885,
iDEFENSE #886,
VU #634956,
ESB-2010.1131 |
| ID: |
ae-201012-034
|
No further comment due to legal reasons
|
|
| System: |
Microsoft Windows |
| Topic: |
Vulnerability in Microsoft Internet Explorer
|
| Links: |
VU#634956
|
| ID: |
ae-201012-033
|
Microsoft Internet Explorer contains a use-after-free vulnerability in the
handling of CSS, which may allow a remote, unauthenticated attacker to execute
arbitrary code.
A patch is not available yet.
|
|
|
A vulnerability in the Intel Alert Handler service ('hndlrsvc.exe') of
Symantec Antivirus Corporate Edition can lead to a remote denial-of-service.
A patch is not available yet.
|
|
|
Several vulnerabilities were found in Novell ZENWorks.
Fixed software is available now.
|
|
|
If a TCP connection is established to the server on a port which has been
configured for communication with a failover peer, this can cause it to become
non-responsive to all normal DHCP protocol traffic. The server will progress
to a communications-interrupted state - but in addition will also cease to
provide DHCP services to clients. The server must be restarted to resume
normal operation.
Fixed software is available now.
|
|
|
It was discovered that collectd, a statistics collection and monitoring
daemon, is prone to a denial of service attack via a crafted network packet.
Fixed packages are available now.
|
|
|
A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code.
A remote attacker could possibly use this flaw to change the ciphersuite
associated with a cached session stored on the server, if the server
enabled the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option, possibly
forcing the client to use a weaker ciphersuite after resuming the session.
Fixed packages are available now.
|
|
|
Several security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote execution of arbitrary code, disclosure of
information, and other vulnerabilities.
Fixed software is available now.
|
|
|
Two vulnerabilities were found in the Adobe Reader.
Fixed packages are available now.
|
|
|
Several vulnerabilities have been found in exim4 that allow a remote attacker to execute arbitrary code as root user. Exploits for these issues have been seen in the wild. An update fixes the memory corruption issue.
|
|
| System: |
Microsoft Windows |
| Topic: |
Vulnerabilities in RealPlayer
|
| Links: |
RealNetworks,
iDEFENSE #8834,
iDEFENSE #884,
CVE-2010-2999,
CVE-2010-4378,
CVE-2010-4386,
CVE-2010-4387,
CVE-2010-4388,
CVE-2010-4389,
CVE-2010-4391,
CVE-2010-4392,
CVE-2010-4394,
CVE-2010-4396,
ESB-2010.1124
|
| ID: |
ae-201012-024
|
RealPlayer is a well-known media player by RealNetworks.
Two vulnerabilities exist in the way RealPlayer handles specially crafted RealMedia video files or RealMedia files using RealAudio codec. So if an attacker convinces a user to open such a specially crafted file, remote execution of arbitrary code on a vulnerable system is possible.
RealNetworks has released a patch which addresses these issues.
|
|
|
A vulnerability exists in CA XOsoft that can allow a remote attacker to
execute arbitrary code.
A patch is available now.
|
|
| System: |
HP-UX |
| Topic: |
Vulnerabilities in HP-UX Apache-based Web Server
|
| Links: |
HPSBUX02612, SSRT100345,
CVE-2006-3918,
CVE-2007-6203,
CVE-2009-0023,
CVE-2009-1195,
CVE-2009-1890,
CVE-2009-1891,
CVE-2009-1955,
CVE-2009-1956,
CVE-2010-1452,
ESB-2010.1114
|
| ID: |
ae-201012-022
|
Several security vulnerabilities have been identified with HP-UX Apache-based
Web Server. These vulnerabilities could be exploited locally to disclose
information, increase privilege or remotely create a Denial of Service (DoS).
Fixed software is available now.
|
|
| System: |
Various
|
| Topic: |
Vulnerabilities in Mozilla Firefox, Thunderbird, and Seamonkey
|
| Links: |
Mozilla,
CVE-2010-3766,
CVE-2010-3767,
CVE-2010-3768,
CVE-2010-3769,
CVE-2010-3770,
CVE-2010-3771,
CVE-2010-3772,
CVE-2010-3773,
CVE-2010-3774,
CVE-2010-3775,
CVE-2010-3776,
CVE-2010-3777,
RHSA-2010-0966,
RHSA-2010-0967,
RHSA-2010-0968,
RHSA-2010-0969,
ESB-2010.1116,
ESB-2010.1117,
ESB-2010.1118,
MDVSA-2010:251,
DSA-2132,
ESB-2010.1122
|
| ID: |
ae-201012-021
|
Several critical vulnerabilities were found in the Mozilla Firefox browser,
Thunderbird and Seamonkey.
Fixed software is available now.
|
|
|
Several vulnerabilities were found in the Drupal third-party modules
Who Bought What and Embedded Media Field.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
A new SUSE Security Summary reports vulnerabilities in the packages
libxml2, tomboy, krb5, php5, cups, java-1_6_0-openjdk, epiphany, and encfs.
Updated packages are available now and should be installed on vulnerable systems.
|
|
|
Several vulnerabilities were found in the JBoss Enterprise Application
Platform.
Fixed packages are available now.
|
|
|
Updated kernel-rt packages that fix multiple security issues and
several bugs are now available for Red Hat Enterprise MRG 1.3.
This update has been rated as having moderate security impact
by the Red Hat Security Response Team.
|
|
| System: |
Apple Mac OS X, Microsoft Windows
|
| Topic: |
Vulnerabilities in Apple QuickTime
|
| Links: |
APPLE-SA-2010-12-07-1,
iDefense,
CVE-2010-0530,
CVE-2010-1508,
CVE-2010-3787,
CVE-2010-3788,
CVE-2010-3789,
CVE-2010-3790,
CVE-2010-3791,
CVE-2010-3792,
CVE-2010-3793,
CVE-2010-3794,
CVE-2010-3795,
CVE-2010-3800,
CVE-2010-3801,
CVE-2010-3802,
CVE-2010-4009,
ESB-2010.1107
|
| ID: |
ae-201012-016
|
Several vulnerabilities were found in Apple QuickTime.
Fixed software is available now.
|
|
|
OpenSSL, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does
not properly prevent modification of the ciphersuite in the session cache,
which allows remote attackers to force the use of an unintended cipher
via vectors involving sniffing network traffic to discover a session
identifier.
Several vulnerabilities were found in clamav.
Fixed packages are available now.
|
|
|
It was found that certain input could cause the apr-util library to
allocate more memory than intended in the apr_brigade_split_line()
function. An attacker able to provide input in small chunks to an
application using the apr-util library (such as httpd) could possibly use
this flaw to trigger high memory consumption.
Fixed packages are available now.
|
|
|
A flaw was found in the way QEMU-KVM handled the reloading of fs and gs
segment registers when they had invalid selectors. A privileged host user
with access to "/dev/kvm" could use this flaw to crash the host (denial of
service).
A stack-based buffer overflow flaw was found in the way the Quagga bgpd
daemon processed certain BGP Route Refresh (RR) messages. A configured BGP
peer could send a specially-crafted BGP message, causing bgpd on a target
system to crash or, possibly, execute arbitrary code with the privileges of
the user running bgpd.
A NULL pointer dereference flaw was found in the way the Quagga bgpd daemon
parsed the paths of autonomous systems (AS). A configured BGP peer could
crash bgpd on a target system via a specially-crafted BGP message.
Fixed packages are available now.
|
|
|
An important library-loading vulnerability has been identified in Adobe Illustrator CS5 15.0.1 and earlier on the Windows platform. Exploitation of this vulnerability could allow an attacker to load arbitrary libraries by tricking a user into opening a file located on a remote WebDAV or SMB share. Adobe recommends Illustrator CS5 users update their product installations.
|
|
|
A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to execute arbitrary code or create a Denial-of-Service (DoS). HP has provided upgrades to resolve this vulnerability.
|
|
|
Several vulnerabilities were found in the Drupal third-party modules
Outline Designer, Comment Edited, and Services.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
Two vulnerabilities were found in the Adobe Reader.
Two vulnerabilities were found in the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit.
Fixed packages are available now.
|
|
|
Updated kernel packages that fix multiple security issues
are now available for Red Hat Enterprise Linux 4.
|
|
|
'libxml2' reads from invalid memory locations during processing of
malformed XPath expressions, which allows context-dependent attackers
to cause a denial of service (application crash) via a crafted XML document.
Fixed packages are available now.
|
|
| System: |
Various
|
| Topic: |
Vulnerabilities in ISC BIND
|
| Links: |
ISC,
ISC,
ISC,
VU#510208,
VU#706148,
VU#837744,
CVE-2010-3613,
CVE-2010-3614,
CVE-2010-3615,
DSA-2130,
ESB-2010.1121,
RHSA-2010-0975,
RHSA-2010-0976,
RHSA-2010-1000,
ESB-2010.1125,
ESB-2010.1167,
MDVSA-2010:253
|
| ID: |
ae-201012-006
|
Several vulnerabilities were found in the ISC BIND nameserver.
Fixed software is available now.
|
|
|
A vulnerability was found in the VMware ESX Service Console.
Fixed software is available now.
|
|
|
A new SUSE Security Summary reports vulnerabilities in the packages
gdm, openssl/libopenssl-devel, poppler/libpoppler4/libpoppler-devel, and quagga.
Updated packages are available now and should be installed on vulnerable systems.
|
|
|
The Management Console Installation Guide for Red Hat Enterprise MRG 1.3
instructed administrators to configure Condor to allow the MRG Management
Console (cumin) to submit jobs on behalf of a user. This configuration
facilitated a trust relationship between cumin and the Condor QMF plug-ins;
however, there was inadequate access control on the trusted channel,
allowing anyone able to publish to a broker to submit jobs to run as any
other user.
Fixed packages are available now.
|
|
|
A NULL pointer dereference flaw was discovered in the way the dhcpd daemon
parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd
via a specially-crafted DHCPv6 packet, if dhcpd was running as a DHCPv6
server.
A heap-based buffer overflow flaw was found in the Wireshark Local Download
Sharing Service (LDSS) dissector. If Wireshark read a malformed packet off
a network or opened a malicious dump file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark.
A denial of service flaw was found in Wireshark. Wireshark could crash or
stop responding if it read a malformed packet off a network, or opened a
malicious dump file.
Fixed packages are available now.
|
|
|
Several vulnerabilities were found in the MIT implementation of Kerberos
(krb5).
Fixed software is available now.
|
|