Chosen month 05 / 2012
|
|
|
A vulnerability has been discovered and corrected in tomcat5.
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before
7.0.23 uses an inefficient approach for handling parameters, which
allows remote attackers to cause a denial of service
via a request that contains many parameters and parameter values.
The updated packages have been patched to correct this issue.
|
|
|
A remotely exploitable crash vulnerability exists in the IAX2 channel driver of Asterisk.
To exploit this vulnerability, the following conditions must be met:
1. The setting mohinterpret=passthrough must be set on the end placing the call
on hold.
2. A call must be established.
3. The call is placed on hold without a suggested music-on-hold class name.
When these conditions are true, Asterisk will attempt to use an invalid pointer
to a music-on-hold class name. Use of the invalid pointer will either cause a
crash or the music-on-hold class name will be garbage.
Updated packages are now available.
|
|
|
Updated openssl packages that fix one security issue and one bug are
now available for Red Hat Enterprise Linux 5.
|
|
|
Updated kernel packages that fix one security issue and various bugs are
now available for Red Hat Enterprise Linux 5.
|
|
|
Several vulnerabilities were discovered in Request Tracker, an issue tracking system.
Updated packages are available now to fix these vulnerabilities.
|
|
|
Multiple vulnerabilities have been discovered and corrected in ncpfs.
Updated packages are available now.
|
|
|
Multiple vulnerabilities have been discovered and corrected in util-linux.
Updated packages are available now.
|
|
|
A vulnerability in JIRA, that results from the way
third-party XML parsers are used in JIRA, has been identified and fixed. This vulnerability allows an attacker
who is an authenticated JIRA user to execute Denial of Service (DoS) attacks against the JIRA server.
A patch is available now.
|
|
|
A flaw in the way library files are loaded could allow privilege escalation. A patch is available now.
|
|
|
Measuresoft ScadaPro could allow a remote attacker to execute arbitrary code on the system. The application doesn't directly specify the fully qualified path to a dynamic-linked library when running on Microsoft Windows. By persuading a victim to open a specially-crafted file from a WebDAV or SMB share using a vulnerable application, a remote attacker could exploit this vulnerability via a specially-crafted library to execute arbitrary code on the system. A patch is available now.
|
|
|
The dotCMS content management system version 1.9 and possibly earlier versions, contains a vulnerability that allows authenticated users with the appropriate permissions to create a malicious template with arbitrary code. dotCMS version 1.9.5.1 or 2.0.1 and later address this vulnerability.
|
|
|
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a Denial-of-Service, or possibly, execute arbitrary code within the context of the affected application.
Updates are available now.
|
|
|
Several vulnerabilities were discovered in Request Tracker, an issue tracking system.
Exploiting them might lead to remote code execution, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) or other problems. Updated packages are available, and they should be installed immediately.
|
|
|
Lotus Quickr ActiveX control as part of Lotus Domino is vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted Web page that passes an overly long argument to the Attachment_Times() or Import_Times() insecure method, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the victim's browser to crash.
A fix that addresses this issue has been published.
|
|
|
Symantec Endpoint Protection is vulnerable to a Denial-of-Service, caused by an error when handling scans. A remote authenticated attacker could exploit this vulnerability to cause the host to become unresponsive.
Symantec Endpoint Protection could allow a remote attacker to traverse directories on the system.
An attacker could send a specially-crafted URL request to the Management Console containing directory traversal sequences to delete arbitrary files on the system and render the Manager console unusable.
Updates are available now.
|
|
|
Tftpd32 is vulnerable to a denial of service. By sending a specially-crafted DHCP Discover packet, a remote attacker could exploit this vulnerability to cause the application to become unresponsive. A hotfix isn't available yet.
|
|
|
A vulnerability has been identified in Citrix XenApp that could result in a Denial-of-Service.
This vulnerability is present in all versions of Citrix XenApp, formerly known as Presentation Server, up to and including version 6.5.
In order to trigger this vulnerability, an attacker would need to be able to directly access the XenApp server.
A hotfix has been released to address this issue.
|
|
|
It was discovered that sudo misparses network masks used in Host and Host_List stanzas. This allows the execution of commands on hosts
where the user would not be allowed to run the specified command.
An off-by-one error in libxml2 might result in the execution of arbitrary code.
Updated packages are available now.
|
|
|
The Seagate BlackArmor network attached storage devices contain a static PHP file used to reset the administrator password. A remote unauthenticated attacker with access to the device's management web server can directly access the webpage to reset the administrator password using a specific URL. Because a patch isn't available yet, it's recommended to restrict network access to the Seagate BlackArmor network attached storage device's system web interface, and to other devices using open protocols like HTTP.
|
|
|
A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a
remote attacker was able to send DNS queries to a named server that is
configured to use bind-dyndb-ldap, he could trigger such an error with a
DNS query leveraging bind-dyndb-ldap's insufficient escaping of the LDAP
base DN (distinguished name). This would result in an invalid LDAP query
that named would retry in a loop, preventing it from responding to other
DNS queries.
New packages are available.
|
|
System: Red Hat Linux
Topic: Vulnerabilities in Apache Tomcat
Links: RHSA-2012-0679, RHSA-2012-0681, CVE-2012-0022, CVE-2011-5064, CVE-2011-5063, CVE-2011-5062, CVE-2011-4858, CVE-2011-3375, CVE-2011-3190, CVE-2011-2526, CVE-2011-2204, CVE-2011-1184, ESB-2012.0488
ID: ae-201205-054
An update for the Apache Tomcat 5 component for JBoss Enterprise Web Server
1.0.2 that fixes multiple security issues and two bugs is now available
from the Red Hat Customer Portal.
|
|
|
Updated postgresql packages that fix two security issues are now
available for Red Hat Enterprise Linux 5.
|
|
|
Updated kvm packages that fix two security issues and one bug are now
available for Red Hat Enterprise Linux 5.
|
|
|
Symantec's Web Gateway management GUI is susceptible to file include command
injection/execution, file upload/execution and file download/deletion security
issues. The management GUI is also susceptible to cross-site scripting (XSS).
Successful exploitation could result in execution of arbitrary code in the
context of the application, denial of service through deletion of arbitrary
system files, and unauthorized access to users' data or to unauthorized
network information.
|
|
|
A format string error was discovered in pidgin-otr, an off-the-record
messaging plugin for Pidgin.
This could be exploited by a remote attacker to cause arbitrary code to
be executed on the user's machine.
New packages are available.
|
|
|
A vulnerability has been discovered in Sympa, a mailing list
manager, that allows the scenario-based authorization
mechanisms to be skipped. This vulnerability allows unauthorized
users to display the archives management page, and to download
and delete the list archives.
New packages are available.
|
|
|
Sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax,
which allows local users to bypass intended command restrictions in opportunistic circumstances by executing
a command on a host that has an IPv4 address.
New packages are available.
|
|
|
A potential security vulnerability has been identified with OpenVMS ACMELOGIN when SYS$ACM system service for authentication is enabled. The vulnerability could be locally exploited to allow unauthorized access and increased privileges.
HP has made patch kits available.
|
|
|
Several vulnerabilities have been found in ImageMagick. Since some of them are critical because they might allow remote code execution, it's recommended to install updates which are available now.
|
|
|
IBM Cognos is vulnerable to multiple stack-based buffer overflows, caused by improper bounds checking by the tm1admsd.exe binary. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash.
A patch is available now.
|
|
|
OpenOffice.org doesn't allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.
Ikiwiki is a wiki compiler. It doesn't properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
Updated packages are available now.
|
|
|
The HP Business Service Management (HPBSM) application contains a remote code execution vulnerability.
HPBSM uses the JBOSS application server. In the default configuration, HPBSM contains open ports that may be accessed by an unauthenticated attacker. The attacker can upload a jsp-shell as a .war file and have the JBOSS application server deploy it as a service. In the default configuration, this attacker shell will run with SYSTEM privileges. Due to this, an unauthenticated attacker may be able to deploy a backdoor shell with SYSTEM privileges. Workarounds are available, but currently no patch.
|
|
|
A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can
be exploited in a Denial-of-Service (DoS) attack on both clients and servers.
For some systems, new packages are available for download.
|
|
|
It was discovered that users who are allowed to submit jobs to a
Grid Engine installation can escalate their privileges to root because
the environment is not properly sanitized before creating processes.
A new update is available.
|
|
System: HP-UX
Topic: Vulnerabilities in HP-UX Running Java JRE and JDK
Links: CVE-2012-0506, CVE-2012-0505, CVE-2012-0503, CVE-2012-0502, CVE-2012-0499, CVE-2011-3563, CVE-2011-3560, CVE-2011-3557, CVE-2011-3556, CVE-2011-3552, CVE-2011-3549, CVE-2011-3548, CVE-2011-3547, CVE-2011-3545, CVE-2011-3389, CVE-2011-0871, CVE-2011-0867, CVE-2011-0865, ESB-2012.0474
ID: ae-201205-040
Potential security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities may allow remote Denial of Service (DoS), unauthorized
modification and disclosure of information.
A new update is available.
|
|
System: Microsoft Windows
Topic: Vulnerabilities in QuickTime 7
Links: HT5261, CVE-2012-0671, CVE-2012-0670, CVE-2012-0669, CVE-2012-0668, CVE-2012-0667, CVE-2012-0666, CVE-2012-0665, CVE-2012-0664, CVE-2012-0663, CVE-2012-0661, CVE-2012-0660, CVE-2012-0559, CVE-2012-0658, CVE-2012-0265, CVE-2011-3460, CVE-2011-3459, CVE-2011-3458, ESB-2012.0473
ID: ae-201205-039
QuickTime 7.7.2, which fixes several security issues, is now available for Windows platforms.
|
|
|
Updated kernel packages that fix two security issues and several bugs are
now available for Red Hat Enterprise Linux 6.
|
|
|
The ClearQuest Maintenance tool on Microsoft Windows platforms contains a
feature to upgrade the user database. This feature is subject to a SQL Injection attack.
A new update is available.
|
|
System: Debian GNU/Linux, Mandriva Enterprise Server
Topic: Vulnerabilities in ffmpeg
Links: dsa-2471, MDVSA-2012:074, CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3947, CVE-2012-0853, CVE-2012-0947, ESB-2012.0466
ID: ae-201205-036
Several vulnerabilities have been discovered in FFmpeg, a multimedia
player, server and encoder. These may allow remote attackers to execute arbitrary code or cause a denial of service (DoS).
New updates are available.
|
|
|
The IRM Server in EMC Documentum Information Rights Management allows remote attackers to cause a denial of service (DoS)
via line feed characters in the Id fields of many "batch begin untethered" commands.
A new update is available.
|
|
|
Several vulnerabilities were identified in WordPress, a web blogging tool. An upgrade addresses them, so it should be installed immediately.
|
|
|
A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can
be exploited in a denial of service (DoS) attack on both clients and servers.
New packages are available for download.
|
|
|
A flaw was found in the way the php-cgi executable processed command line
arguments when running in CGI mode. A remote attacker could send a
specially-crafted request to a PHP script that would result in the query
string being parsed by php-cgi as command line options and arguments. This
could lead to the disclosure of the script's source code or arbitrary code
execution with the privileges of the PHP interpreter.
New packages are available for download.
|
|
|
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service (DoS) or privilege escalation.
New packages are available for download.
|
|
|
Multiple vulnerabilities have been found and corrected in roundcubemail.
They affect Roundcube Webmail 0.5x and allow several attacks such as CSRF, XSS and Denial-of-Service, so an update is recommended.
|
|
|
Rails is a Ruby-based framework for web development. When developers generate HTML options tags manually, user input concatenated with manually built tags may not be escaped, and an attacker can inject arbitrary HTML into the document.
Mahara is a portfolio, weblog, and resume builder. It has an insecure default with regard to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdPs.
Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine and lead to a Denial-of-Service (DoS).
Updated packages are available now.
|
|
|
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw has been found in the way the php-cgi executable processes command line arguments when running in CGI mode.
A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter.
Updated packages are available now.
|
|
|
Safari 5.1.7 is now available and addresses many vulnerabilities. So this update is recommended.
|
|
|
OS X Lion v10.7.4 and Security Update 2012-002 are now available, fixing many vulnerabilities. So this update is recommended.
|
|
|
A vulnerability allows remote attackers to register or unregister RPC services, and consequently cause a Denial-of-Service (DoS) or obtain sensitive information from interprocess communication. This is done via crafted UDP packets containing service commands.
Fixes are available now.
|
|
System: Microsoft Windows, Macintosh
Topic: Vulnerabilities in Adobe Illustrator, Adobe Photoshop, Adobe Flash Professional, and Adobe Shockwave Player
Links: APSB12-10, CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, CVE-2012-2026, APSB12-11, CVE-2012-2027, CVE-2012-2028, X-Force #75512, APSB12-12, CVE-2012-0778, APSB12-13, CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, CVE-2012-2033, ESB-2012.0453
ID: ae-201205-024
Adobe released a security upgrade for Adobe Illustrator CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
Adobe has released Adobe Illustrator CS6, which addresses these vulnerabilities also.
Adobe released a security upgrade for Adobe Photoshop CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
Adobe also has released Adobe Photoshop CS6, which addresses these vulnerabilities.
Adobe released a security upgrade for Adobe Flash Professional CS5.5 (11.5.1.349) and earlier for Windows and Macintosh. This upgrade addresses a vulnerability that could allow an attacker who successfully exploits this vulnerability to take control of the affected system.
Adobe has released Adobe Flash Professional CS6, which also addresses this vulnerability.
Adobe released a security update for Adobe Shockwave Player 11.6.4.634 and earlier versions for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.6.4.634 and earlier for Windows and Macintosh update to Adobe Shockwave Player 11.6.5.635.
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
System: Microsoft Windows, Mac OS X
Topic: Several vulnerabilities in Microsoft Office, Windows, .NET Framework, Silverlight
Links: MS12-034, CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0164, CVE-2012-0165, CVE-2012-0167, CVE-2012-0176, CVE-2012-0180, CVE-2012-0181, CVE-2012-1848, ESB-2012.0444, ISS Alert #449
ID: ae-201205-021
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
Potential security vulnerabilities have been identified with HP Performance Insight for Networks running on HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be exploited remotely resulting in SQL injection, Cross-Site Scripting (XSS), and privilege elevation.
HP has made a hotfix available to resolve the vulnerabilities.
|
|
|
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw has been found in the way the php-cgi executable processes command line arguments when running in CGI mode.
A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter.
Updated packages are available now.
|
|
|
Updated httpd packages that fix multiple security issues and one bug are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. Exploiting the vulnerabilities might lead, for example, to remote Denial-of-Service (DoS) or access to confidential data, so an upgrade is recommended.
|
|
|
The operating system of iPhone, iPad and iPod has several vulnerabilities that might lead, for example, to Cross-Site Scripting (XSS) attacks, Denial-of-Service (DoS) or remote code execution. An update to Apple iOS 5.1.1 is therefore recommended.
|
|
|
Adobe released security updates for Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x. These updates address an object confusion vulnerability that could cause the application to crash and potentially allow an attacker to take control of the affected system.
|
|
|
IBM AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam() function when customer extended LDAP user filtering is configured. Fixes are available now.
|
|
|
Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
They might allow remote attackers to conduct Cross-Site Scripting (XSS) attacks, execute arbitrary code, or provide misleading information. An update addresses these issues.
|
|
|
VMware Workstation, Player, ESXi and ESX patches address critical security issues.
Exploiting the vulnerabilities might allow remote attackers to execute arbitrary code on vulnerable systems or to cause a Denial-of-Service (DoS). So installing these patches is strongly recommended.
|
|
|
A vulnerability has been identified in Citrix Provisioning Services that could result in arbitrary code execution. This vulnerability can be triggered by an attacker sending a specially crafted packet to the Provisioning Services server.
Hotfixes address this vulnerability.
|
|
|
Potential security vulnerabilities have been identified with HP SNMP Agents for Linux. The vulnerabilities could be exploited remotely resulting in Cross-Site Scripting (XSS) and URL redirection.
HP has provided updates to resolve the vulnerabilities.
|
|
|
Potential security vulnerabilities have been identified with HP Insight Management Agents for Windows Server. The vulnerabilities could be exploited remotely resulting in Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), URL redirection, unauthorized modification, and Denial-of-Service (DoS).
HP has provided updates to resolve the vulnerabilities.
|
|
|
Multiple vulnerabilities have been found in Drupal Core. They might allow a Denial-of-Service (DoS) or unauthorized access. Users should upgrade to Drupal 7.13.
|
|
|
Potential security vulnerabilities have been identified with HP System Health Application and Command Line Utilities for Linux. The vulnerabilities could be exploited remotely resulting in execution of arbitrary code.
HP has provided updates that are available now.
|
|
|
The Oracle database component contains a vulnerability in the TNS listener service.
The TNS listener service accepts unauthenticated remote registrations with the appropriate connect packet. Due to this, an unauthenticated attacker may be able to register a client using an already registered database's instance name to perform a man-in-the-middle attack that allows the attacker to sniff database traffic and inject database commands to the server. Oracle has published workarounds to address this vulnerability.
|
|
|
Potential security vulnerabilities have been identified with HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows. These vulnerabilities could be exploited remotely resulting in unauthorized access, execution of arbitrary code, information disclosure, Cross-Site Request Forgery (CSRF), URL redirection, authentication bypass, and Denial-of-Service (DoS).
HP has provided HP System Insight Manager v7.0 (bundled with IM v7.0) for Windows, Linux, and HP-UX to resolve these vulnerabilities.
|
|