Gentoo Linux Security Advisory GLSA 200703-28 - CUPS does not properly handle partially-negotiated SSL connections. Upon receiving a partially-negotiated SSL connection, CUPS no longer accepts further incoming connections, as the initial connection never times out. Versions less than 1.2.9 are affected.
Gentoo Linux Security Advisory GLSA 200703-27 - Squid incorrectly handles TRACE requests that contain a Max-Forwards header field with value 0 in the clientProcessRequest() function. Versions less than 2.6.12 are affected.
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of America Online with Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected software is America Online 9.0 Security Edition.
Gentoo Linux Security Advisory GLSA 200703-26 - Jean-S
Technical Cyber Security Alert TA07-089A - A stack buffer overflow exists in the code that Microsoft Windows uses to process animated cursor files. Specifically, Microsoft Windows fails to properly validate the size of an animated cursor file header supplied in animated cursor files. Animated cursor files can be included with HTML files. For instance, a web site can use an animated cursor file to specify the icon that the mouse pointer should use when hovering over a hyperlink. Because of this, malicious web pages and HTML email messages can be used to exploit this vulnerability. In addition, animated cursor files are automatically parsed by Windows Explorer when the containing folder is opened or the file is used as a cursor. Because of this, opening a folder that contains a specially crafted animated cursor file will also trigger this vulnerability. Note that Windows Explorer will process animated cursor files with several different file extensions, such as .ani, .cur, or .ico. Furthermore, Windows will automatically render animated cursor files referenced by HTML documents regardless of the animated cursor file extension. This vulnerability is actively being exploited.
VMware Security Advisory - The VMware ESX server has new patches released that address a slew of security issues.
Computer Associates (CA) Brightstor Backup suffers from a remote code execution vulnerability in Mediasvr.exe.
Mandriva Linux Security Advisory - Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.
Gentoo Linux Security Advisory GLSA 200703-25 - Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Versions less than 2.0.7 are affected.
Mandriva Linux Security Advisory - The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV command.
Mandriva Linux Security Advisory - Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption. Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.
iDefense Security Advisory 03.29.07 - Remote exploitation of an input validation vulnerability in IBM Corp.'s Lotus Sametime allows attackers to execute arbitrary code in the context of the user viewing a malicious web page. The problem specifically exists in the STJNILoader.ocx component of IBM Corp.'s Lotus Sametime product. This ActiveX control is safe for scripting and exports a LoadLibrary function that does not properly sanitize input. iDefense has confirmed that this vulnerability is present in IBM Corp.'s Lotus Sametime STJNILoader.ocx version 3.1.0.26.
AOL has recently been made aware of a denial of service condition that exists in early versions of the AOL 9.0 client software.
Ubuntu Security Notice 447-1 - It was discovered that Konqueror did not correctly handle iframes from JavaScript. If a user were tricked into visiting a malicious website, Konqueror could crash, resulting in a denial of service. A flaw was discovered in how Konqueror handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user's network, leading to private information disclosure.
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to overwrite arbitrary files, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - Javier Olascoaga has reported some vulnerabilities in IronMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A security issue has been reported in various Linksys products, which can be exploited to disclose certain sensitive information.
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - rPath has issued an update for inkscape. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Jonathan So has discovered a vulnerability in Corel WordPerfect Office X3, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Elliot Kendall has reported a weakness in DataDomain OS, which can be exploited by malicious users to bypass certain security restrictions.
Secunia Security Advisory - A weakness has been reported in Windows Vista, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in Overlay Weaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A vulnerability has been reported in CruiseWorks, which can be exploited by malicious users to bypass certain security restrictions.
Secunia Security Advisory - Mandriva has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.